english.nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://english.nv.ua/
Effective URL:
https://english.nv.ua/
Submission Tags: falconsandbox
Submission: On February 24 via api (February 24th 2023, 6:10:21 pm UTC) from US — Scanned from DE

Summary HTTP 142 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 57 IPs in 14 countries across 40 domains to perform 142 HTTP transactions. The main IP is 2606:4700:10::ac43:175a, located in United States and belongs to CLOUDFLARENET, US. The main domain is english.nv.ua. The Cisco Umbrella rank of the primary domain is 157295.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time english.nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:10:... 2606:4700:10::ac43:175a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	138.199.37.230 138.199.37.230	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
1 4	51.83.200.186 51.83.200.186	16276 (OVH) (OVH)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
7	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::1077:1	200325 (BUNNYCDN) (BUNNYCDN)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
1	167.235.242.31 167.235.242.31	24940 (HETZNER-AS) (HETZNER-AS)
1	2400:52e0:1e0... 2400:52e0:1e00::722:1	200325 (BUNNYCDN) (BUNNYCDN)
1	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1 4	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	3.65.157.218 3.65.157.218	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.2.211.147 23.2.211.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
2 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 5	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 4	2a05:d018:d29... 2a05:d018:d29:3605:3a35:c032:6d7e:7081	16509 (AMAZON-02) (AMAZON-02)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	18.193.14.187 18.193.14.187	16509 (AMAZON-02) (AMAZON-02)
2 2	54.76.9.111 54.76.9.111	16509 (AMAZON-02) (AMAZON-02)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	35.201.96.126 35.201.96.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	198.47.127.20 198.47.127.20	() ()
142	57

32 2606:4700:10::ac43:175a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

english.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.37.230 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-230.bunnyinfra.net

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.200.186 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-51-83-200.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::1077:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.74.6.209 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.242.31 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.242.235.167.clients.your-server.de

server.smartytech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::722:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.157.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-157-218.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.24.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b087db836265140778d4b1ab79e709f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.2.211.147 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-211-147.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.33.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.143.56 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3605:3a35:c032:6d7e:7081 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.14.187 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-14-187.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.9.111 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-9-111.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.23 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.148.16 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	nv.ua 1 redirects english.nv.ua — Cisco Umbrella Rank: 157295 static.nv.ua — Cisco Umbrella Rank: 316805	616 KB
16	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	144 KB
13	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 447 ads.pubmatic.com — Cisco Umbrella Rank: 457 image6.pubmatic.com — Cisco Umbrella Rank: 725 simage2.pubmatic.com — Cisco Umbrella Rank: 668 image2.pubmatic.com — Cisco Umbrella Rank: 846 aud.pubmatic.com — Cisco Umbrella Rank: 4167 image4.pubmatic.com — Cisco Umbrella Rank: 938 simage4.pubmatic.com	27 KB
12	googlesyndication.com b087db836265140778d4b1ab79e709f4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	129 KB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 eus.rubiconproject.com — Cisco Umbrella Rank: 533 pixel.rubiconproject.com — Cisco Umbrella Rank: 313 token.rubiconproject.com — Cisco Umbrella Rank: 541	14 KB
8	yahoo.com 5 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	3 KB
8	amazon-adsystem.com 5 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940 s.amazon-adsystem.com — Cisco Umbrella Rank: 267	6 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 dsum.casalemedia.com — Cisco Umbrella Rank: 1267	6 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4370 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 714 gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719 dis.criteo.com — Cisco Umbrella Rank: 686	8 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 acdn.adnxs.com — Cisco Umbrella Rank: 542	21 KB
5	adform.net 3 redirects adx.adform.net — Cisco Umbrella Rank: 4185 c1.adform.net — Cisco Umbrella Rank: 590	3 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 65461 ls.hit.gemius.pl — Cisco Umbrella Rank: 13192	22 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 63592	233 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3661	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4426	562 B
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 31550	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608 cdn.indexww.com — Cisco Umbrella Rank: 1453	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	58 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 589	498 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 498 eb2.3lift.com — Cisco Umbrella Rank: 338	662 B
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9955	653 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 761	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	160 KB
2	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 17559	2 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 730	610 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2072	419 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	725 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 654	507 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 361	647 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5762	284 B
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 55852
1	smartytech.io server.smartytech.io — Cisco Umbrella Rank: 68617	338 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	26 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 177949	310 B
142	40

	Domain	Requested by
22	static.nv.ua	english.nv.ua
10	english.nv.ua	1 redirects english.nv.ua
8	cm.g.doubleclick.net	6 redirects
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net english.nv.ua tpc.googlesyndication.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net english.nv.ua
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ups.analytics.yahoo.com	4 redirects
4	match.adsrvr.org	ssum-sec.casalemedia.com ads.pubmatic.com
4	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	ib.adnxs.com	1 redirects cdn.membrana.media acdn.adnxs.com
4	www.google-analytics.com	www.googletagmanager.com english.nv.ua
4	cdn.membrana.media	english.nv.ua cdn.membrana.media
4	gaua.hit.gemius.pl	1 redirects english.nv.ua gaua.hit.gemius.pl
3	image2.pubmatic.com	ads.pubmatic.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	x.bidswitch.net	3 redirects
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	www.google.com	1 redirects english.nv.ua tpc.googlesyndication.com
2	visitor.fiftyt.com	2 redirects
2	d5p.de17a.com	2 redirects
2	r.scoota.co	2 redirects
2	ads.pubmatic.com	cdn.membrana.media ads.pubmatic.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	www.google.de	english.nv.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	ap.lijit.com	cdn.membrana.media
2	a4p.adpartner.pro	1 redirects cdn.membrana.media
2	unpkg.com	1 redirects english.nv.ua
2	www.googletagmanager.com	english.nv.ua www.googletagmanager.com
2	l.getsitecontrol.com	english.nv.ua l.getsitecontrol.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	dis.criteo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	px.ads.linkedin.com
1	image6.pubmatic.com	ads.pubmatic.com
1	eb2.3lift.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	acdn.adnxs.com	cdn.membrana.media
1	googleads.g.doubleclick.net	english.nv.ua
1	mug.criteo.com
1	b087db836265140778d4b1ab79e709f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	server.smartytech.io	english.nv.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	www.googletagservices.com	english.nv.ua
1	c.hit.ua	english.nv.ua
142	72

This site contains links to these domains. Also see Links.

Domain
nv.ua
fightforua.org
ua.depositphotos.com
interfax.com.ua
ukranews.com
hit.ua

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
hit.ua R3	`2022-12-16` - `2023-03-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
cdn.membrana.media R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
adpartner.pro R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://english.nv.ua/
Frame ID: 03F77374D44CA2E83CC97ABB7A9F36D3
Requests: 79 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: BFBC4A1E6B78CDBAEFECBC1C63F4369C
Requests: 1 HTTP requests in this frame

Frame: https://b087db836265140778d4b1ab79e709f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA5A4B79298B40392457B6444DCFCF24
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: AC3A635F10F41040451F0D3C76FD460B
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=english.nv.ua
Frame ID: 84F6BD01625D29F209C1BAE2692419E6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C3F26B6F0704D22A81158D0E9CD03AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F2A82AD80F051D20054121B4E5C95AC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 011C26A12206CA3C42B89711B4F85C0D
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F8AFD429F3933DF832B16A32F4A46253
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 77FA70EA103505C8E5893D33267BE73B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: F7EF339354F08384B085DA927833C8B2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408038
Frame ID: 6C48A88FDFB938CA38EC49799E593465
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Frame ID: A4DD2C70D5F8B033D0793939AC376991
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6CF394732C75CD7FC8C9784A58DF19F1
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent=
Frame ID: 7EC5731CF5B034658A7385C7BD44FC2D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&gdpr=0&gdpr_consent=
Frame ID: BD45177DD1E1365460B3320F8A45A412
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7438260330950267314
Frame ID: C8F41B4CB27199076BA5543DC176F1D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 9DF7EE10467D2FCBFF07506998722D1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ukraine News Premier Independent English-language Source — The New Voice of Ukraine

Page URL History Show full URLs

http://english.nv.ua/ HTTP 301
https://english.nv.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

142
Requests

82 %
HTTPS

36 %
IPv6

40
Domains

72
Subdomains

57
IPs

14
Countries

1605 kB
Transfer

3657 kB
Size

63
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://nv.ua/
Title: ukr

Search URL Search Domain Scan URL

URL: https://nv.ua/ru
Title: rus

Search URL Search Domain Scan URL

URL: https://fightforua.org/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Interfax-Ukraine"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: “Ukrainian News”

Search URL Search Domain Scan URL

URL: https://nv.ua/new_landings/variant_1.html?utm_source=site&utm_medium=popup&utm_campaign=psubscription
Title: ПРОДОЛЖИТЬ ПОДПИСКУ

Search URL Search Domain Scan URL

URL: https://nv.ua/reset_password.html
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://nv.ua/new_landings/variant_1.html
Title: Подписаться

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0' aria-label="hit.ua"/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://english.nv.ua/ HTTP 301
https://english.nv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Request Chain 43

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D HTTP 302
https://server.smartytech.io/icm.gif?uid=c62fc28a-3ab9-4b6f-a429-9561a3c6dc88

Request Chain 59

https://gaua.hit.gemius.pl/_1677262213969/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=PPyFig07XvX_7C4WNXbrc_TUgXxNk67ugj0LFcj.tNX.V7Bpqr.Bmshfa7Xp3w4vLqr_WC3_o6SN9TXctU8hztyOy11_/eXWVBfnXMVTlm/&fpdata=tRwqsh8VBVUTd_VTSs1qJOykG0_4AhzNjVWpwwxTYbT.Q7&ltime=190&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63f8fd852e4a92d2&brts=1677262213&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1677262213969/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=PPyFig07XvX_7C4WNXbrc_TUgXxNk67ugj0LFcj.tNX.V7Bpqr.Bmshfa7Xp3w4vLqr_WC3_o6SN9TXctU8hztyOy11_/eXWVBfnXMVTlm/&fpdata=tRwqsh8VBVUTd_VTSs1qJOykG0_4AhzNjVWpwwxTYbT.Q7&ltime=190&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63f8fd852e4a92d2&brts=1677262213&fpcap=

Request Chain 91

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=english.nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Cy_7lHxrVjk3YlJ1UHphbWdYa1NWYml5T1B4VjdOYWdvTktRQWNrQWMwdWR3WjlWVFZQTjZBdGdBL3hrUTQvS21yRjJIUU5IN3gwa3ZIa0VCc3F5WmRZTG9zbWVTS2RNN0wwWjFYM3F2R3EwbWVtTEgzSWJqUjBkZkx2SHlGZ1NrcU1INXR4NThxU3NucGVvVUx3L3NtNEVwdHFiVlZuZkMrdm16aUQ5NEszSDdpeGk2dS9FSFJsWmdDcjlRdDRJZWRTK0lqd09aeEI3OEs3bXN3NUcwSElxWUs1U3ZGekVvOEovaUJvZ1Fyakp5cENUM3VWekYyRHJHN1lXOWliYmpOd0swR2t6RXVCbUNkVUVDNXlpb3V3VStKQT09fA&cppv=2

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 105

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 108

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WHSSyTjDSA6pK8An-RwmQg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WHSSyTjDSA6pK8An-RwmQg

Request Chain 109

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIUM73I-P-GNTR

Request Chain 110

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJVU03M0ktUC1HTlRS

Request Chain 111

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hbDBsC9nQWiADjlJCJ0H-A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hbDBsC9nQWiADjlJCJ0H-A

Request Chain 112

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Vo_YVcKFzcgtW5uNCLADQg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8OUp9NRE2oKECqbkRKpGH2pkD3w.UREGVk6U4A--~A

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDrz-zpcrhztmWXuAesOMmM&google_cver=1

Request Chain 114

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODZjYWU0YjZmMDc2YjE5NzFiYzRjODJkNWI0ZjA4Mjk5ZWNlNTkxNg

Request Chain 117

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&dcc=t

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAhhzgGRaMnmSwXzqtlC3vo&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-j9ibeAXIpyPdSTCIvtbQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECTpxyJ6xeSYZ-vFuQUE0Zw&google_cver=1

Request Chain 120

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Vn3f5wYqgeZNeIrrBHmU6gJ_iOtNeIzpAXqUZ5E_

Request Chain 121

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB

Request Chain 123

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1f031b81-4546-45e8-8daf-981a49436cc7&ssp=index HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b079f9b-9b21-4574-ba34-724e76ca314a&gdpr=&gdpr_consent=&us_privacy=

Request Chain 125

https://c1.adform.net/serving/cookie/match?party=14&cid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent=

Request Chain 126

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&gdpr=0&gdpr_consent=

Request Chain 127

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7438260330950267314

Request Chain 128

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bgtCvUYqTJSjvUB1XLWQXg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 130

https://pixel.onaudience.com/?partner=214&mapped=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 131

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&addseg=19,36,42

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkUwQjQyQkQtNDYyQS00Qzk0LUEzQkQtNDA3NTVDQjU5MDVF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA5ibiltI-d4usnjB-L5J4o&google_cver=1

Request Chain 136

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7469139115461803530

Request Chain 138

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q0nWsgJE2uW8tsCVMcPabFvaS1DMY6Q-~A&gdpr=0

142 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
english.nv.ua/
Redirect Chain

http://english.nv.ua/
https://english.nv.ua/

128 KB
25 KB

62ms
29ms

Document
text/html

2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d48a0d28f5235e2be78a682208a932e5e4d0932ba728d2420be9e03c5a98fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 240
cache-control: no-cache, private
cf-cache-status: HIT
cf-ray: 79ea28221f0a366b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 18:10:13 GMT
last-modified: Fri, 24 Feb 2023 18:06:13 GMT
nv-cache: 600s
server: cloudflare
vary: Accept-Encoding
x-cacheable: 1

Redirect headers

CF-Cache-Status: MISS
CF-RAY: 79ea2821a9349067-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 24 Feb 2023 18:10:13 GMT
Location: https://english.nv.ua/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 non-main-page.css
english.nv.ua/css/ 144 KB
23 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/css/non-main-page.css?4.139
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859990f25046d5238a2806fa319548a490d6a0ffaa4c24968301d218be55433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 09:37:55 GMT
server: cloudflare
age: 194288
cf-polished: origSize=147014
etag: W/"63b7ebf3-23e46"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
cf-ray: 79ea28224f64366b-FRA
expires: Fri, 23 Feb 2024 12:12:05 GMT

GET
H2 200 44e1cfb4560d6b488315487fbdba1cc9.jpg
static.nv.ua/shared/system/Article/posters/002/644/592/original/ 12 KB
13 KB 46ms
30ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/592/original/44e1cfb4560d6b488315487fbdba1cc9.jpg?q=85&stamp=20230224112858&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d71a2be08c3a1a6331707dbefc9deef6ce025f73f75722160cb4bcac3096aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 09:07:13 GMT
server: cloudflare
age: 27863
etag: "6826652df79d764ed88a96515e534ccf"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28226f92366b-FRA
expires: Sun, 26 Mar 2023 10:25:50 GMT

GET
H2 200 5wvqvd27.js Show response
l.getsitecontrol.com/ 433 B
1 KB 65ms
8ms Script
text/javascript 138.199.37.230
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/5wvqvd27.js
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-230.bunnyinfra.net
Software: BunnyCDN-DE1-864 /
Resource Hash: baf95d52d917f11b8ab6bb81a32762d97dcd1f107017910a9b66174e8a98ab7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: br
cdn-edgestorageid: 752
x-amz-request-id: 40GVEN42FAF8N6GY
cdn-cachedat: 02/21/2023 11:39:28
cdn-pullzone: 89704
x-amz-id-2: VTjaBqkg/DQupRV6537cTn0OoQdq0JAxb1yExGkJEryDYh6w8IGmWGj+JwWbn2IYBh1Lv5K7Yrg=
last-modified: Wed, 05 Oct 2022 06:56:17 GMT
server: BunnyCDN-DE1-864
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"a6ccd598191afc17bfb2cc10d1f2b816"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: 4d968324576d93b527a2a69001d9bddf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
85 KB 187ms
70ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

512b6ce8e25311fb923f0e978955b023d72cf702a1e16bea7d447c6eaa8924cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86822
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 18:10:13 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
english.nv.ua/fonts/noto/ 37 KB
37 KB 33ms
32ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/non-main-page.css?4.139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://english.nv.ua/css/non-main-page.css?4.139
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 2026818
etag: "60e41fd8-944c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 79ea28229ff5366b-FRA
content-length: 37964
expires: Fri, 02 Feb 2024 07:09:55 GMT

GET
H2 200 icons.ttf
english.nv.ua/fonts/ 14 KB
14 KB 40ms
38ms Font
application/octet-stream 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/icons.ttf?686a3322dd25953a70b02d42b58ae3c0
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/non-main-page.css?4.139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://english.nv.ua/css/non-main-page.css?4.139
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 2026818
etag: "616eaf71-3914"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 79ea28229ff7366b-FRA
content-length: 14612
expires: Fri, 02 Feb 2024 07:09:55 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
english.nv.ua/fonts/noto/ 37 KB
38 KB 29ms
28ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/non-main-page.css?4.139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://english.nv.ua/css/non-main-page.css?4.139
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 2026818
etag: "60e41fd8-9578"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 79ea28229ff9366b-FRA
content-length: 38264
expires: Fri, 02 Feb 2024 07:09:55 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
english.nv.ua/fonts/noto/ 58 KB
58 KB 48ms
47ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/non-main-page.css?4.139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://english.nv.ua/css/non-main-page.css?4.139
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 1789384
etag: "60e41fd8-e8b8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 79ea28229ffa366b-FRA
content-length: 59576
expires: Mon, 05 Feb 2024 01:07:09 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
english.nv.ua/fonts/noto/ 53 KB
53 KB 37ms
36ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/non-main-page.css?4.139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://english.nv.ua/css/non-main-page.css?4.139
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 2026818
etag: "60e41fd8-d430"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 79ea28229ffd366b-FRA
content-length: 54320
expires: Fri, 02 Feb 2024 07:09:55 GMT

GET
H2 200 nv_en_logo.png
static.nv.ua/images/main/ 8 KB
8 KB 29ms
29ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/nv_en_logo.png?q=85&f=webp&stamp=4.139
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76c0de81daa83a186eb4607d36d518d27045937fc36819c858576387d744ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
age: 2681
cf-polished: origFmt=png, origSize=12751
content-disposition: inline; filename="nv_en_logo.webp"
content-length: 8072
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Feb 2022 13:52:33 GMT
server: cloudflare
etag: "61fbde21-31cf"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79ea2822b842366b-FRA

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 131ms
28ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 63cfbcc612feb4e41d3792c5630e579d89b1292f4095c057f97e40a7901f24ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 10:51:37 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17134
expires: Sat, 25 Feb 2023 06:10:13 GMT

GET
H2 200 394454b5ef10c391518c1271e14b221c.jpg
static.nv.ua/shared/system/Article/posters/002/644/648/original/ 21 KB
22 KB 33ms
30ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/648/original/394454b5ef10c391518c1271e14b221c.jpg?q=85&stamp=20230224122944&w=600&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0286fa5153cf6692de386fe31fe795b0fd22b2aca342cc1251b66b874d6eead3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 09:36:28 GMT
server: cloudflare
age: 24606
etag: "d0a56f8e6e379d1475201fdc9edb18a3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282308c9366b-FRA
expires: Sun, 26 Mar 2023 11:20:07 GMT

GET
H2 200 ec139c425597b49463615328369c1e9d.jpg
static.nv.ua/shared/system/Article/posters/002/644/953/original/ 16 KB
16 KB 30ms
27ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/953/original/ec139c425597b49463615328369c1e9d.jpg?q=85&stamp=20230224191846&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5acf9cfcf38ba42b5b3be60ffdacd0dd22bae946f9ecb249b1340c2575cd9cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 16:46:35 GMT
server: cloudflare
age: 926
etag: "5e9d906f5eb5be04c5ba610f6bca8d4c"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282308ca366b-FRA
expires: Sun, 26 Mar 2023 17:54:47 GMT

GET
H2 200 16ea4182f3550c31a7a5036443e4a105.jpg
static.nv.ua/shared/system/Article/posters/002/644/942/original/ 8 KB
8 KB 36ms
32ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/942/original/16ea4182f3550c31a7a5036443e4a105.jpg?q=85&stamp=20230224185647&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7459ac64908a624e52f3124789a288847482c26829404252458fd8216129be98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 16:10:21 GMT
server: cloudflare
age: 1903
etag: "a9f25ab8e369bb065da5053bafe036eb"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282308cb366b-FRA
expires: Sun, 26 Mar 2023 17:38:30 GMT

GET
H2 200 38939da2b10e4c16ebf60dd5dbc5decd.jpg
static.nv.ua/shared/system/Article/posters/002/644/935/original/ 6 KB
7 KB 33ms
30ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/935/original/38939da2b10e4c16ebf60dd5dbc5decd.jpg?q=85&stamp=20230224183741&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a00c9dd109d76fa26eb6e19cb079506d4d36b6d4867502960587ef38beb46af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:55:16 GMT
server: cloudflare
age: 1902
etag: "fa3275a28e28487735644f37fdc98e55"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282308cc366b-FRA
expires: Sun, 26 Mar 2023 17:38:31 GMT

GET
H2 200 d6b07ed9298ef057bbe5037d80ede4d7.jpg
static.nv.ua/shared/system/Article/posters/002/644/930/original/ 5 KB
5 KB 32ms
29ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/930/original/d6b07ed9298ef057bbe5037d80ede4d7.jpg?q=85&stamp=20230224182503&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f54d6a803a328aa24031e5fcc677057983af13f80d85e074ec401a7f4227c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:32:02 GMT
server: cloudflare
age: 5760
etag: "7df49b3d4658d9527fb67ffaea0254ea"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282308cd366b-FRA
expires: Sun, 26 Mar 2023 16:34:13 GMT

GET
H2 200 3f63301dfa0512a87796c29c6a31c8ba.jpg
static.nv.ua/shared/system/Article/posters/002/644/909/original/ 13 KB
13 KB 31ms
28ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/909/original/3f63301dfa0512a87796c29c6a31c8ba.jpg?q=85&stamp=20230224175134&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3787f769b61644ea4cb716b4e323b6451fe98bd09d403a8b8e7c74b1dce1f1b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:10:15 GMT
server: cloudflare
age: 7156
etag: "8c173c20bac2a14e335257de8c622ac7"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282308d0366b-FRA
expires: Sun, 26 Mar 2023 16:10:57 GMT

GET
H2 200 58073c8cf9df5409dc78b421f2b1ca5c.jpg
static.nv.ua/shared/system/Article/posters/002/644/900/original/ 6 KB
6 KB 28ms
28ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/900/original/58073c8cf9df5409dc78b421f2b1ca5c.jpg?q=85&stamp=20230224173020&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57515365b47a12d529c5335c7ae09f68591fed6b628f884f5cd3209774624c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 14:47:07 GMT
server: cloudflare
age: 7156
etag: "c3f6026401a1ffe950ed17e132739ed3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea2823291d366b-FRA
expires: Sun, 26 Mar 2023 16:10:57 GMT

GET
H2 200 e110c3dfe055233ea60b3cfca1f47212.jpg
static.nv.ua/shared/system/Article/posters/002/644/895/original/ 9 KB
9 KB 29ms
25ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/895/original/e110c3dfe055233ea60b3cfca1f47212.jpg?q=85&stamp=20230224172357&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 303e6a8016499ee0a3c3e2ba029734919d87e65dac32e1a9f148485dcc93e5b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 14:41:13 GMT
server: cloudflare
age: 7156
etag: "63b6021d5e36d7b2ba94a702d87226a5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28233926366b-FRA
expires: Sun, 26 Mar 2023 16:10:57 GMT

GET
H2 200 89f2720a48bdec005dc2e7718715412f.jpg
static.nv.ua/shared/system/Article/posters/002/644/888/original/ 11 KB
12 KB 30ms
30ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/888/original/89f2720a48bdec005dc2e7718715412f.jpg?q=85&stamp=20230224171251&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b67260dcb0cf2f82daa913fd4f87b6272edbc656f3fc22b445287c928a38d7ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 14:26:39 GMT
server: cloudflare
age: 9034
etag: "395834500c3953729cbb4c81d7265440"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28233929366b-FRA
expires: Sun, 26 Mar 2023 15:39:39 GMT

GET
H2 200 e39eaae07bce263d85721745a07b34c2.jpg
static.nv.ua/shared/system/Article/posters/002/644/877/original/ 2 KB
2 KB 34ms
33ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/877/original/e39eaae07bce263d85721745a07b34c2.jpg?q=85&stamp=20230224170215&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc50da0209bd1a4a5d6f47c76f0177be1b992f8a9a65011ab5afc6431b6bd867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 14:16:44 GMT
server: cloudflare
age: 9034
etag: "dde051cb98698db0d38d9374af9e4a58"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea2823392a366b-FRA
expires: Sun, 26 Mar 2023 15:39:39 GMT

GET
H2 200 05028843c2ab93bce4ff64f9efe9a9b7.jpg
static.nv.ua/shared/system/Article/posters/002/644/864/original/ 7 KB
7 KB 27ms
27ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/864/original/05028843c2ab93bce4ff64f9efe9a9b7.jpg?q=85&stamp=20230224165414&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b86d2278f42b16eaf21b1fc20165f2f53065349187b81ccfaf5417959d42e450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 14:02:16 GMT
server: cloudflare
age: 9034
etag: "ad415994b51bf6dcae04bfb04fad6d73"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea2823392d366b-FRA
expires: Sun, 26 Mar 2023 15:39:39 GMT

GET
H2 200 5.png
static.nv.ua/shared/system/banners/image_desktops/000/000/143/original/ 82 KB
82 KB 29ms
29ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/banners/image_desktops/000/000/143/original/5.png?q=85&stamp=20220308084831&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e183f81222f4a423022bd5bf091afd5e9d9631c183e35626e41d7dfa7c09584a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 00:44:23 GMT
server: cloudflare
age: 1773703
etag: "623b9d63c7bedda916c01633315945f2"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea2823392f366b-FRA
expires: Mon, 06 Mar 2023 05:28:28 GMT

GET
H2 200 aeacc915ceb2bff7e93340c6be524851.jpg
static.nv.ua/shared/system/Article/posters/002/644/859/original/ 34 KB
34 KB 34ms
27ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/859/original/aeacc915ceb2bff7e93340c6be524851.jpg?q=85&stamp=20230224164454&w=600&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c691fbb0e8275c1dda83610d0cd3afedd6c0ff0bf6bfccf9a71feb95635335f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 13:51:23 GMT
server: cloudflare
age: 325
etag: "37bf425e8c65099511d86772ee353bb5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28236984366b-FRA
expires: Sun, 26 Mar 2023 18:04:48 GMT

GET
H2 200 f900e748b7c599d537bd8d6b3ba977d2.jpg
static.nv.ua/shared/system/Article/posters/002/644/846/original/ 4 KB
4 KB 28ms
27ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/846/original/f900e748b7c599d537bd8d6b3ba977d2.jpg?q=85&stamp=20230224163425&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbbf779ffbc6552caf59d897c38bb535a0a7939c345fa0d6c97cc2c00e6fef83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 13:38:45 GMT
server: cloudflare
age: 9030
etag: "407a6d4cb6051b54c9cbb5291cc8b72e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28236987366b-FRA
expires: Sun, 26 Mar 2023 15:39:43 GMT

GET
H2 200 feb89d0f8bef18f19887fcf82582fa18.jpg
static.nv.ua/shared/system/Article/posters/002/644/835/original/ 13 KB
14 KB 26ms
26ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/835/original/feb89d0f8bef18f19887fcf82582fa18.jpg?q=85&stamp=20230224161542&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0a8ad9d568737a29441a56d2d51add5e722b7c8dd7b2711a8f634ea0d374bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 13:23:01 GMT
server: cloudflare
age: 9030
etag: "3c8384a8c9e55d828b12ba21c65d03a2"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea2823698b366b-FRA
expires: Sun, 26 Mar 2023 15:39:43 GMT

GET
H2 200 76640e90903f73adcaf0df8e1999f6fc.jpg
static.nv.ua/shared/system/Article/posters/002/644/826/original/ 11 KB
11 KB 29ms
28ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/826/original/76640e90903f73adcaf0df8e1999f6fc.jpg?q=85&stamp=20230224160653&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce94eef1db9133cc5d3c46c0b6a83e8a304af5578bb60d35f861eae8146f3d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 13:14:00 GMT
server: cloudflare
age: 12851
etag: "f3b70386914f0760e3bbaabe49f8a4eb"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea2823698d366b-FRA
expires: Sun, 26 Mar 2023 14:36:02 GMT

GET
H2 200 af63d544e0c1cb407c5aa07d9c416b57.jpg
static.nv.ua/shared/system/Article/posters/002/644/809/original/ 9 KB
9 KB 31ms
30ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/809/original/af63d544e0c1cb407c5aa07d9c416b57.jpg?q=85&stamp=20230224154327&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dcdeb60a2feee504a9343ccfcb032c6f0686bbcdf50f20fb8098046a8ed3c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 12:56:23 GMT
server: cloudflare
age: 14842
etag: "35d998b0dbcf188d11a6a7f3e6b6f303"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28236995366b-FRA
expires: Sun, 26 Mar 2023 14:02:51 GMT

GET
H2 200 0f014694f54adcf66df3fe51fe522388.jpg
static.nv.ua/shared/system/Article/posters/002/644/806/original/ 9 KB
9 KB 37ms
36ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/806/original/0f014694f54adcf66df3fe51fe522388.jpg?q=85&stamp=20230224153746&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03cc8531ed409eee48cb2f62f80c722e2c1e4ff803e6a7e1bffe683e6f010ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 12:46:26 GMT
server: cloudflare
age: 15529
etag: "112de4d33535001a1de378b7973ea755"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28236997366b-FRA
expires: Sun, 26 Mar 2023 13:51:24 GMT

GET
H2 200 90f71b7b11fc5c9331d5004d09bd25c8.jpg
static.nv.ua/shared/system/Article/posters/002/644/784/original/ 8 KB
8 KB 27ms
25ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/644/784/original/90f71b7b11fc5c9331d5004d09bd25c8.jpg?q=85&stamp=20230224145803&w=300&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 217a7412e297e8478ce2005c0bc572455b14879f5911bb2f6eb3dfd211cb95ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 12:06:24 GMT
server: cloudflare
age: 17900
etag: "44ecdce13d1cbd824c13330aaa455133"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282399cd366b-FRA
expires: Sun, 26 Mar 2023 13:11:53 GMT

GET
H2 200 cf9495d685d23e8ab3aae854dc7a4193.jpg
static.nv.ua/shared/system/Article/posters/002/643/437/original/ 21 KB
21 KB 24ms
23ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/643/437/original/cf9495d685d23e8ab3aae854dc7a4193.jpg?q=85&stamp=20230222133827&w=600&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fe4d746075564b96aace5b1f128c12929a66e4fa841e7903c7226be49769e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 10:07:53 GMT
server: cloudflare
age: 18358
etag: "7f871d3a6a6e143516de8b720ea88971"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea282399d4366b-FRA
expires: Sun, 26 Mar 2023 13:04:15 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
310 B 225ms
50ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.019966799043707795&r=&u=https%3A//english.nv.ua/
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Fri, 24 Feb 2023 18:10:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
expires: 0

GET
H2 200 all_scripts.min.js Show response
english.nv.ua/scripts/ 135 KB
45 KB 28ms
28ms Script
application/javascript 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/scripts/all_scripts.min.js?4.139
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0665f414090e4203bebdb47967b08d4c1916fc2ecac612efb79031355ece5e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 09:41:45 GMT
server: cloudflare
age: 194288
etag: W/"63f5e359-21da0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 79ea2823493f366b-FRA
expires: Fri, 23 Feb 2024 12:12:05 GMT

GET
H2 200 1.html Show response
english.nv.ua/get_additional_blocks_desktop/ 12 KB
4 KB 26ms
26ms XHR
text/html 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/get_additional_blocks_desktop/1.html
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc4ca26bfdaadbbda0b2a6e2cf960abb5698796c2936e9fbd4622bc8856a6657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: gzip
x-varnish-hash: GET:english.nv.ua/get_additional_blocks_desktop/1.html:desktop
x-cacheable: 1
last-modified: Fri, 24 Feb 2023 18:06:13 GMT
cf-cache-status: HIT
age: 240
server: cloudflare
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
nv-cache: 900s
varnish-ttl: 900.000
cf-ray: 79ea28234945366b-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 212ms
80ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b8514c85c13a143e983c709b2f011704416baf80c4afc94e687438143852ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26502
x-xss-protection: 0
server: sffe
etag: "1492 / 595 of 1000 / last-modified: 1677240773"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 18:10:13 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 488 KB
146 KB 54ms
12ms Script
application/javascript 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?3
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 9571eb8e377428aa02593df2fe5264a0abb34754267076e2dce0ea56c33ab9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: br
cdn-edgestorageid: 1078
cdn-storageserver: DE-165
cdn-cachedat: 02/24/2023 15:04:53
cdn-pullzone: 139012
last-modified: Thu, 23 Feb 2023 08:06:14 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 300
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f71e76-7a0bd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 88f9a84792257fb95132216973726cc7
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 5wvqvd27.json Show response
l.getsitecontrol.com/ 26 B
893 B 149ms
131ms XHR
application/json 138.199.37.230
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/5wvqvd27.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/5wvqvd27.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-230.bunnyinfra.net
Software: BunnyCDN-DE1-864 /
Resource Hash: 2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: br
cdn-edgestorageid: 1078
x-amz-request-id: JYAGPD9BJE0T6Q7A
cdn-cachedat: 02/21/2023 11:39:28
cdn-pullzone: 89704
x-amz-id-2: /7Z/yJIWlkTdq738b6Qg/3KCQHAKKo0h1WM8valgJdSBBIR+3GPD4enxTTE5LyLOb8sfH6M9fis=
last-modified: Sun, 16 Oct 2022 15:01:25 GMT
server: BunnyCDN-DE1-864
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"a0031113750138bb01a82276a3af72de"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
access-control-max-age: 3000
cdn-requestid: 8b8dccfbd1257a2f3f30e2fda578c72a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
389 B 28ms
27ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=english.nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 9c9f010903a67a5ab88918aa1fd66fb301564215cb51ba4191c214eabfa29793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 274
expires: Sun, 26 Mar 2023 18:10:13 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame BFBC 5 KB
3 KB 151ms
48ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 002026c4aedc98e03f1ce94c3cc275a7653f0d9334d0a45d64be8ca21a11216e

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2724
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:10:13 GMT
etag: PRIVATE7520710249
expires: Sun, 26 Mar 2023 18:10:13 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
647 B 22ms
7ms Fetch
text/plain 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
cdn-edgestorageid: 722
cdn-storageserver: DE-198
cdn-cachedat: 02/24/2023 15:04:51
cdn-pullzone: 139012
x-ym-country: DE
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: a0ab80b332796d027a3b3b97c27b3a61
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 16:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4529
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 18:54:44 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.1/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

7 KB
3 KB

23ms
22ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3874187
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GPEV5SKAW699AECB2HGXPR91-fra
server: cloudflare
etag: W/"1b24-GqgswdM7opiZOqFSwUlHVut+Xpk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea28251fc42baa-FRA

Redirect headers

date: Fri, 24 Feb 2023 18:10:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GT29WF0G62JDQ0A6BN4KWV45-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.1/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 79ea2824cf362baa-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 71ms
70ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7352bdfebb19c1b618dbaa6fe3b3032356ba9b7250fb792137cd597d7a34a22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 18:10:13 GMT

GET
H2

200

icm.gif Show response
server.smartytech.io/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D
https://server.smartytech.io/icm.gif?uid=c62fc28a-3ab9-4b6f-a429-9561a3c6dc88

43 B
338 B

82ms
14ms

Script
image/gif

167.235.242.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.smartytech.io/icm.gif?uid=c62fc28a-3ab9-4b6f-a429-9561a3c6dc88
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Server: 167.235.242.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.242.235.167.clients.your-server.de
Software: nginx /
Resource Hash: d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
last-modified: Fri, 24 Feb 2023 18:10:14 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://server.smartytech.io/icm.gif?uid=c62fc28a-3ab9-4b6f-a429-9561a3c6dc88
date: Fri, 24 Feb 2023 18:10:13 GMT
cache-control: no-store no-transform
server: nginx
content-length: 143
content-type: text/html; charset=utf-8

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 59ms
26ms Ping
text/html 2400:52e0:1e00::722:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?NVR;desktop;;page_desktop;ac4850|66f4ad
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::722:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 269 KB
86 KB 8ms
7ms Script
application/javascript 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js?ac4850|66f4ad
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: b19ece088d69d369fb37f5b8f19228c96ae0ab55043679d162d2ced9be1e4039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-51
cdn-cachedat: 02/24/2023 18:04:46
cdn-pullzone: 139012
last-modified: Fri, 24 Feb 2023 16:51:56 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f8eb2c-433cd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 26be207995545a089377126c9a98574a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 178 B
873 B 8ms
8ms XHR
text/plain 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 56becb003446d137266e23002bd3be22a8a4fc15d671eb98e023aa1ef34fd1d7

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-197
cdn-cachedat: 02/24/2023 15:04:51
cdn-pullzone: 139012
last-modified: Fri, 24 Feb 2023 08:30:24 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f875a0-b2"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: 0c726f0768185fe5e0b96c59746288f8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
531 B 182ms
105ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
828 B 52ms
27ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:13 GMT
AN-X-Request-Uuid: ddd80959-e360-4b5c-9059-f2cf882eb890
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 320 B
868 B 184ms
78ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416604&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fenglish.nv.ua%2F&tg_i.page=https%3A%2F%2Fenglish.nv.ua%2F&tg_i.domain=english.nv.ua&tk_flint=pbjs_lite_v7.35.0&x_source.tid=c78307be-cee0-4b05-8a3c-43f0843bbc66&l_pb_bid_id=64a871602daefd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9614299457238848
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1432a9b0f08ac714e4acf5a495e3283c25b4b7c4b4edffca41296198d7302b6a

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://english.nv.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 320
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
406 B 166ms
118ms XHR
application/json 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8553&sizes=300x600|300x250&referer=https%3A%2F%2Fenglish.nv.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: 4de61d5423b3ad2517dd96216dfc5beeff98863d13ecd83f4834730b2f270494

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://english.nv.ua
date: Fri, 24 Feb 2023 18:10:14 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
284 B 95ms
17ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 24 Feb 2023 18:10:13 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
522 B 51ms
28ms XHR
application/json 3.65.157.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fenglish.nv.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.157.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-157-218.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:13 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 229ms
32ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=78333183903&lsavail=0

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Feb 2023 18:10:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://english.nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
564 B 71ms
33ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=849843
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e53925268aa7139a98dcb248748447fa3e59528485f630fd4fcdee5ab35351e9

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWVFAU4yR2L5OQjywbmlAym3z1Mp65xpHEEkmZjRqdUvjkF3A01XkIo5HPEG07rJiHm3dTbAxkskPY4tl%2B5c0ZVhGbU4aOHWpBkSe7faSjPKXrXMWKO1DklTcBHTYKCwd%2FlhqbwB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79ea282509df2c52-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
498 B 152ms
98ms XHR
application/json 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 3ec948efd08111b0015eb2e9a11331353a6f30521644c477ec8f9960159e2fa3

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 24 Feb 2023 18:10:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 81ms
45ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://english.nv.ua
date: Fri, 24 Feb 2023 18:10:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 149ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 24 Feb 2024 17:14:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 227 B
655 B 184ms
75ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=english.nv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f3436a6889c23670fdf0ce9c6e511ed044f94336c54aa2e19fbbd2452340ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
expires: Fri, 24 Feb 2023 18:10:14 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1677262213969/
Redirect Chain

https://gaua.hit.gemius.pl/_1677262213969/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fenglish....
https://gaua.hit.gemius.pl/__/_1677262213969/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fengli...

169 B
474 B

85ms
85ms

Script
application/x-javascript

51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1677262213969/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=PPyFig07XvX_7C4WNXbrc_TUgXxNk67ugj0LFcj.tNX.V7Bpqr.Bmshfa7Xp3w4vLqr_WC3_o6SN9TXctU8hztyOy11_/eXWVBfnXMVTlm/&fpdata=tRwqsh8VBVUTd_VTSs1qJOykG0_4AhzNjVWpwwxTYbT.Q7&ltime=190&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63f8fd852e4a92d2&brts=1677262213&fpcap=
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 0894101cdf14aa11278c9639e841fd566201d71e27c9aecd823e9df10bd3de34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Thu, 23 Feb 2023 18:10:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:13 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1677262213969/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=PPyFig07XvX_7C4WNXbrc_TUgXxNk67ugj0LFcj.tNX.V7Bpqr.Bmshfa7Xp3w4vLqr_WC3_o6SN9TXctU8hztyOy11_/eXWVBfnXMVTlm/&fpdata=tRwqsh8VBVUTd_VTSs1qJOykG0_4AhzNjVWpwwxTYbT.Q7&ltime=190&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63f8fd852e4a92d2&brts=1677262213&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 23 Feb 2023 18:10:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
244 B 55ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=45je32m0&_p=394712708&_gaz=1&cid=775713787.1677262214&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677262213&sct=1&seg=0&dl=https%3A%2F%2Fenglish.nv.ua%2F&dt=Ukraine%20News%20Premier%20Independent%20English-language%20Source%20%E2%80%94%20The%20New%20Voice%20of%20Ukraine&en=page_view&_fv=1&_nsi=1&_ss=1&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 57ms
19ms Ping
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-52RSPD3WMK&cid=775713787.1677262214&gtm=45je32m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 162ms
63ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-52RSPD3WMK&cid=775713787.1677262214&gtm=45je32m0&aip=1&z=1991814814

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 25ms
20ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-51943557-1&cid=775713787.1677262214&jid=2084554020&uid=0&gjid=1453310104&_gid=1791855393.1677262214&_u=YCDAgEABAAAAAEAAI~&z=1616452757

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Feb 2023 18:10:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 38ms
35ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=394712708&t=pageview&_s=1&dl=https%3A%2F%2Fenglish.nv.ua%2F&ul=en-us&de=UTF-8&dt=Ukraine%20News%20Premier%20Independent%20English-language%20Source%20%E2%80%94%20The%20New%20Voice%20of%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=2084554020&gjid=1453310104&cid=775713787.1677262214&uid=0&tid=UA-51943557-1&_gid=1791855393.1677262214&gtm=45He32m0n71WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&cd16=B&z=1891318872

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 08:32:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34635
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 207ms
83ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-51943557-1&cid=775713787.1677262214&jid=2084554020&_u=YCDAgEABAAAAAEAAI~&z=1393806283

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 100ms
63ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-51943557-1&cid=775713787.1677262214&jid=2084554020&_u=YCDAgEABAAAAAEAAI~&z=1393806283

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 145ms
46ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=english.nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 202ms
71ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=english.nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 657 B
845 B 449ms
447ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=341719718395373&correlator=2300475345114693&eid=31072517&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=271925883%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=2839826010&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26mbr_site_version%3Den%26lang%3Den%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1677262214256&lmt=1677261973&dlt=1677262213486&idt=715&adxs=-160&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fenglish.nv.ua%2F&frm=20&vis=1&psz=1600x0&msz=1920x-1&fws=512&ohw=0&ga_vid=775713787.1677262214&ga_sid=1677262214&ga_hid=394712708&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5daa7147bedab953ea4ce84700907d7e788115cc6e16e559cd2f39f41cc8bd60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 336
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 457ms
455ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=341719718395373&correlator=2300475345114693&eid=31072517&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATFR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=4114338837&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26mbr_site_version%3Den%26lang%3Den%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1677262214266&lmt=1677261973&dlt=1677262213486&idt=715&adxs=1114&adys=749&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fenglish.nv.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=775713787.1677262214&ga_sid=1677262214&ga_hid=394712708&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

642d334d10b7eaac26b7d5b67f9ded7542cf9917c5514d91f4723aeae8c50555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11294
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://english.nv.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b087db836265140778d4b1ab79e709f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA5A 6 KB
3 KB 161ms
44ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b087db836265140778d4b1ab79e709f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:10:14 GMT
expires: Sat, 24 Feb 2024 18:10:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 221ms
93ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0078560fb70db9f6a543ef1931f3199823ccabecce8192327dadb79e6268a8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11332
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
35ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=394712708&t=event&ni=1&_s=1&dl=https%3A%2F%2Fenglish.nv.ua%2F&ul=en-us&de=UTF-8&dt=Ukraine%20News%20Premier%20Independent%20English-language%20Source%20%E2%80%94%20The%20New%20Voice%20of%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Main%20Page&ea=500px&_u=aCDAgEABAAAAAEAAI~&jid=&gjid=&cid=775713787.1677262214&uid=0&tid=UA-51943557-1&_gid=1791855393.1677262214&gtm=45He32m0n71WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&cd16=B&z=91347428

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 11:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
36ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=394712708&t=event&ni=1&_s=1&dl=https%3A%2F%2Fenglish.nv.ua%2F&ul=en-us&de=UTF-8&dt=Ukraine%20News%20Premier%20Independent%20English-language%20Source%20%E2%80%94%20The%20New%20Voice%20of%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Main%20Page&ea=1000px&_u=aCDAgEABAAAAAEAAI~&jid=&gjid=&cid=775713787.1677262214&uid=0&tid=UA-51943557-1&_gid=1791855393.1677262214&gtm=45He32m0n71WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&cd16=B&z=709312089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 11:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 290ms
158ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 18:10:14 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame AC3A 222 KB
61 KB 197ms
52ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 215262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame AC3A 15 KB
5 KB 279ms
134ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 215262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame AC3A 94 KB
28 KB 285ms
139ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 215262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame AC3A 5 KB
2 KB 310ms
165ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 215262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame AC3A 40 KB
13 KB 302ms
157ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 215262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
DATA 200
OK truncated
/ Frame AC3A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a300414b350e322ff57d76b9e673cc36c7d63df3d923cea3e3209b4d92d3cfab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5431351375636186192
tpc.googlesyndication.com/simgad/ Frame AC3A 86 KB
86 KB 116ms
52ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5431351375636186192?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qljnJ7UI_A_iSPq03LkFIy8L3D5qw

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e733517b2d3d89acf4a9cabb7061550cace4949d4139488d079a0969d6938779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:07:43 GMT
x-content-type-options: nosniff
age: 104551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87755
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 09:12:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 13:07:43 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC3A 2 KB
3 KB 113ms
49ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:22:32 GMT
x-content-type-options: nosniff
server: cafe
age: 42462
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 25 Feb 2023 06:22:32 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC3A 295 B
664 B 112ms
48ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:22:32 GMT
x-content-type-options: nosniff
server: cafe
age: 42462
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 25 Feb 2023 06:22:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC3A 0
0 82ms
81ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBxtahv34Y5qSE-yK9u8Pv-G-wAWM6KGRb-jTlN67Ebng1eeMJBABIPT552NgleKQgqAHoAG3uIvJA8gBAqkCktwL5vqQYT7gAgCoAwHIAwiqBIcCT9AAuykuSiZlWlpRgwWCRSVgRzuYjgXPNyp5SBtSMy76X-peEgSIzqs9qC4e7pmtlVynbt37qwNbwjQlUCVOYOOhOZZx5Y622A6ZGR2DlRm3F9QEtw4_LMC5u24k2f6fGpVYkHC4qBdcIvPw9899kEKEt-QwsMmk_jn0WTbpcagBvGSzDYtXLREWcB3GmcDPQ_5tsi7Mew4I8-9awcnkv_b8XQxD4XguUVWVSgcwn5MG6J2GMrpwNm3v6t9i17Mn35VPUNMBMdp_Nr_7dSDs2rRIPeDZG5YSBnu2zmuVBvqUjeRYzAF7yYOQQS7m_stCyrB3xKNNWRLzBO5YpVOA8A1Kxglfr8PABKr5j_SmBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAexx_Q2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQv5kZ0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjc0MjUyODk4OTY4MDU2OBiDmxo&sigh=vVoIZ-bEDbQ&uach_m=[UACH]&cid=CAQSTADUE5ymlJ8wuzPFz1tEyGjLLhJviRt944iTojjxfSU9MEiU2rbhg4hyUOlCaErjzP6nd0gzzdsiNzbaO9ZOX8gy-lnBW6rT_2g2CAgYAQ
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 61ms
28ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-162fb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:10:14 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 84F6 15 KB
6 KB 50ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=english.nv.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:10:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 568682
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 60ms
29ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:10:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C3F 13 KB
5 KB 51ms
47ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:47 GMT
expires: Sat, 24 Feb 2024 11:28:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F2A 783 B
967 B 87ms
86ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

72962354a0ceebce6b55756b3bd02d1427b852bf5a5b7d2ed4f6a2ebb4be9778

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tIzn8dSb1ghMVzztDz6L3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-tIzn8dSb1ghMVzztDz6L3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:10:15 GMT
expires: Fri, 24 Feb 2023 18:10:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 84F6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=english.nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Cy_7lHxrVjk3YlJ1UHphbWdYa1NWYml5T1B4VjdOYWdvTktRQWNrQWMwdWR3WjlWVFZQTjZBdGdBL3hrUTQvS21yRjJIUU5IN3gwa3ZIa0VCc3F5WmRZTG9zbWVTS2RNN0wwWjFYM3F2R3EwbWVtTEgzSWJqUjBkZkx2SH...

436 B
656 B

80ms
25ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Cy_7lHxrVjk3YlJ1UHphbWdYa1NWYml5T1B4VjdOYWdvTktRQWNrQWMwdWR3WjlWVFZQTjZBdGdBL3hrUTQvS21yRjJIUU5IN3gwa3ZIa0VCc3F5WmRZTG9zbWVTS2RNN0wwWjFYM3F2R3EwbWVtTEgzSWJqUjBkZkx2SHlGZ1NrcU1INXR4NThxU3NucGVvVUx3L3NtNEVwdHFiVlZuZkMrdm16aUQ5NEszSDdpeGk2dS9FSFJsWmdDcjlRdDRJZWRTK0lqd09aeEI3OEs3bXN3NUcwSElxWUs1U3ZGekVvOEovaUJvZ1Fyakp5cENUM3VWekYyRHJHN1lXOWliYmpOd0swR2t6RXVCbUNkVUVDNXlpb3V3VStKQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

984d10ea99fbb1488b99ec5e3650320077dfe4bbc22e849c7706b15ab89c03c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7175599
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Cy_7lHxrVjk3YlJ1UHphbWdYa1NWYml5T1B4VjdOYWdvTktRQWNrQWMwdWR3WjlWVFZQTjZBdGdBL3hrUTQvS21yRjJIUU5IN3gwa3ZIa0VCc3F5WmRZTG9zbWVTS2RNN0wwWjFYM3F2R3EwbWVtTEgzSWJqUjBkZkx2SHlGZ1NrcU1INXR4NThxU3NucGVvVUx3L3NtNEVwdHFiVlZuZkMrdm16aUQ5NEszSDdpeGk2dS9FSFJsWmdDcjlRdDRJZWRTK0lqd09aeEI3OEs3bXN3NUcwSElxWUs1U3ZGekVvOEovaUJvZ1Fyakp5cENUM3VWekYyRHJHN1lXOWliYmpOd0swR2t6RXVCbUNkVUVDNXlpb3V3VStKQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 430589
content-length: 0
expires: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame AC3A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

123ms
44ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date: Fri, 24 Feb 2023 18:10:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5F2A 0
0 175ms
80ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=341719718395373&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C3F 36 KB
14 KB 137ms
47ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 11:03:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C3F 0
10 B 47ms
47ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?y95QyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 84ms
84ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=341719718395373&bg=!jo2ljdnNAAZYlHKzeJQ7ADkAdvg8WtC8YhCxe3OP7CcFz3_MVnWLbkdgZluyW4Fgbx8icv6E4UTiXtQ8qkmt-R1K057P-Uc6e8ACAAAAW1IAAAADaAEHCgBj-26dnUTeORE6FFDGZwELvpXyeEuXSoWBcsi7njU3WVd1aT4UBS0e6WzFT4wXcWD4_nQ8w43aj-nh09cBpAQzcMiQr7WrfbFemZCtiOzDl8F90FpRRvsHzytzHTIGXvNcm9UvmQKhNKGBEg0YRXFvvsreqD0x2-pR2cFGh6QUSWDPt_Qc8vMRxzP_B2ZURewnUNIV7PMyUXlQzSyxhPcw5X68LYdKlavT5k7A82VLqOfzsGtflUrU7Hy63EZPrN_JFnS_5DJU6RULqdQ1BHYsiPOLdJSY33OkNrwCm8TPlLzMrSDSJBUCqPCUY6wXT2eOo1VHS5MdX1o8diKRjL5-MBjOLuyS4sx1hHG0IE6n_hcn4Ziw3JjqdNvC0dkBUtCF_leSoRH5GITwVbqtF_4Fv-sFII6lQX6-J4WD8rPliNMOZG67bpvl4PwWHJsH8hbXgWP6Cvo_GTK0UyT8tLWQQTMjVgvgo_hJ3hl7ez4BrN-AHEilc8QQbqsf9d5EN__0bwf5xRSmX-8wwrlBw6CMjmypDWdJLhz0wXPh-TBBFwP0WBfKTOto7DCwMgxTZCHnaymH1MikcaGRKn1V24qTFGaE4qGOeNlZEVt6DIMrk8Cf0kd_k6gP134dtB_g8L3cHBOF_WrG9sDRxLZjfwv2Ij2rDfWvWdFPfXChL73aCggsHt_0i3Ua__WDfRf3QKj5LITfPHQ7WiX647CcMyFbrAPGDz0lWM6uPCGgXlDOpE7pcv11QfUHqKeaYCMQ7B8qG_KsSCGuBhRNIkB3arnYYnSrmmRxx-pQNt78WLOwFgwtsZ_zXXVCKy3cia29DHZvG0RR4hLusnf2xK0aYh7C64kMNVi3olKUJugeSh9aPEpZUbxNj1hpK-uFJzhB4nB2mneWqSLfAifMczrUyIaBUifkGYtLu9B04Uh22SaFse15jBCiE7ygp01alKwpnZwCWUbd00OqfWhkbGvTmgw7rlGmhZ3UrUDU4aFc-csuXURlPCbrNmIUlgZyvQKpPkJjfa14UsduIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AC3A 42 B
64 B 83ms
83ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP98ophg6LGNhy85lX8bdCjJyM1Dfv__4env7hsF5abIxEvpdRmwGvfOwFWsQdZNbVNv0aHYK619kjFEpystqAFvAnOYI5X9_w6uakFE_sT9aDjulHoi02OYOkAzAjV0q_biIj_2EeP8tKcDjuk06yI5Yrd5TG0P-F&sai=AMfl-YTMQtt1ZmW5THolZM3wps5CYa_kpo8LzMsBu_2KkpdVPdeNiVU4KuW9uLk5aizcRF6BNRl54-kelT8d_2jXjVB16IVb2a9unhrU71yQEZ-vcc-O-bwZAFvBeUNF2Su85VsDRmxj3nQgyNm18Q&sig=Cg0ArKJSzHZDEnKo4vDmEAE&cid=CAQSTADUE5ymlJ8wuzPFz1tEyGjLLhJviRt944iTojjxfSU9MEiU2rbhg4hyUOlCaErjzP6nd0gzzdsiNzbaO9ZOX8gy-lnBW6rT_2g2CAgYAQ&id=ampim&o=1114,754&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=417&tls=1417&g=74.33333396911621&h=74.33333396911621&tt=1417&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 011C 281 B
554 B 79ms
15ms Document
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Feb 2023 18:10:17 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F8AF 52 KB
17 KB 59ms
8ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 24 Feb 2023 18:10:17 GMT
ETag: "623de86a-cf34"
Expires: Sat, 25 Feb 2023 18:10:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 77FA 3 KB
2 KB 52ms
14ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 568
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 79ea28394eec9ba7-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 18:10:17 GMT
expires: Fri, 24 Feb 2023 22:10:17 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame F7EF 37 B
140 B 37ms
9ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 24 Feb 2023 18:10:17 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 6C48 0
0 15ms
14ms Document
text/plain 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13408038
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 24 Feb 2023 18:10:17 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap4ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A4DD 16 KB
6 KB 102ms
37ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=162832
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 24 Feb 2023 18:10:17 GMT
expires: Sun, 26 Feb 2023 15:24:09 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 6CF3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
828 B

42ms
42ms

Document
text/html

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e23e8902170dabd5516362a21fa1689ad36afc94fa3e4ed6c530854a38733ee

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79ea283a2d393a3e-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 18:10:17 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba8AIcy%2BGn3ESf9x4eHY5mSde1YqJ4mRigYbQctsg0LqG626TWuhoLEfcBm58NCihY8ZJYZUkBf7urYuPPFWKi67T8O5seyo45fneqUTrDJ1bYc1J1NN%2FVMcUQi4ncU%2F2i2vLkq5CGF0Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79ea2839fcd23a3e-FRA
content-length: 0
date: Fri, 24 Feb 2023 18:10:17 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6VOdEOq1WH7Vxnj0s%2Fwd%2Bb1O2PwBxkNO0vFFOmJN5glNn6TNs32ouLEHp1D7JtPqxYDIXe6Sxhgm1RNEBIzY9SXTH3Mc5DpHON%2BEc%2B7ahVUAmt7Zqk%2B3gNSUrlTwJRrPn6leU3XEA8qhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame F8AF
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
936 B

12ms
11ms

Script
text/html

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:17 GMT
AN-X-Request-Uuid: accdae67-c697-4fb7-a347-900444e7a30d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:17 GMT
AN-X-Request-Uuid: 4882dd56-4cb0-4d81-a50d-e02f2b6aecf6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 011C 33 KB
10 KB 15ms
14ms Script
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a432fd4b8f028f0f90d4cdbeb56d71634519bcf3d1b9128e937a69f447c345f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 18:10:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 10:18:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=58071
Connection: keep-alive
Content-Length: 10007
Expires: Sat, 25 Feb 2023 10:18:08 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A4DD 2 KB
3 KB 94ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50832981&p=162179&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0a9ba112bf0119332802a3e07071b6915195ef3c8a5831b6988c8e628e654825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 18:10:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 011C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WHSSyTjDSA6pK8An-RwmQg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WHSSyTjDSA6pK8An-RwmQg

43 B
479 B

34ms
33ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WHSSyTjDSA6pK8An-RwmQg

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WXF3XGV4T8CXA0G76F46
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WHSSyTjDSA6pK8An-RwmQg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 011C
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIUM73I-P-GNTR

0
647 B

219ms
196ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIUM73I-P-GNTR
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:16 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1EA7F81F938046AE82550E3B5119D864 Ref B: FRAEDGE1318 Ref C: 2023-02-24T18:10:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1dgqrecXC34XPkXlOGw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIUM73I-P-GNTR
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 011C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJVU03M0ktUC1HTlRS

170 B
232 B

120ms
75ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJVU03M0ktUC1HTlRS

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJVU03M0ktUC1HTlRS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 011C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hbDBsC9nQWiADjlJCJ0H-A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hbDBsC9nQWiADjlJCJ0H-A

43 B
479 B

115ms
115ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hbDBsC9nQWiADjlJCJ0H-A

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K1KVCDZ1Y66GPS5Y4D3V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hbDBsC9nQWiADjlJCJ0H-A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 011C
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Vo_YVcKFzcgtW5uNCLADQg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8OUp9NRE2oKECqbkRKpGH2pkD3w.UREGVk6U4A--~A

0
239 B

48ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8OUp9NRE2oKECqbkRKpGH2pkD3w.UREGVk6U4A--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8OUp9NRE2oKECqbkRKpGH2pkD3w.UREGVk6U4A--~A
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 011C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDrz-zpcrhztmWXuAesOMmM&google_cver=1

0
239 B

44ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDrz-zpcrhztmWXuAesOMmM&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDrz-zpcrhztmWXuAesOMmM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 011C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODZjYWU0YjZmMDc2YjE5NzFiYzRjODJkNWI0ZjA4Mjk5ZWNlNTkxNg

170 B
243 B

95ms
48ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODZjYWU0YjZmMDc2YjE5NzFiYzRjODJkNWI0ZjA4Mjk5ZWNlNTkxNg

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODZjYWU0YjZmMDc2YjE5NzFiYzRjODJkNWI0ZjA4Mjk5ZWNlNTkxNg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 011C 70 B
265 B 136ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6CF3 70 B
264 B 127ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6CF3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&dcc=t

43 B
855 B

125ms
124ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0VNWMMFTP5QNQHBEPPGS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GX2VWACCKBERKSVDP9KE
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 6CF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAhhzgGRaMnmSwXzqtlC3vo&google_cver=1

43 B
783 B

27ms
26ms

Image
image/gif

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAhhzgGRaMnmSwXzqtlC3vo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e77Ei26yWojZh8ckklbAnRc85%2F5TbsFEX7hEoO9MkwYclhHmjfilZqYv8HPXn59Q2NJ91nUsZ3U5iLTpSe1tEh40fijZ01l4ag4u%2BkfqL1Jb4LYiY14Chyby9t7vgnDcQ3nQimZj1Zr76w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79ea283b8bf2913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAhhzgGRaMnmSwXzqtlC3vo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6CF3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-j9ibeAXIpyPdSTCIvtbQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECTpxyJ6xeSYZ-vFuQUE0Zw&google_cver=1

43 B
632 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECTpxyJ6xeSYZ-vFuQUE0Zw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECTpxyJ6xeSYZ-vFuQUE0Zw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6CF3
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Vn3f5wYqgeZNeIrrBHmU6gJ_iOtNeIzpAXqUZ5E_

43 B
632 B

168ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Vn3f5wYqgeZNeIrrBHmU6gJ_iOtNeIzpAXqUZ5E_
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Vn3f5wYqgeZNeIrrBHmU6gJ_iOtNeIzpAXqUZ5E_
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6CF3
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
https://pr-bh.ybp.yahoo.com/sync/casale/Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB

43 B
602 B

32ms
31ms

Image
image/gif

2a05:d018:d29:3605:3a35:c032:6d7e:7081
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB
date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6CF3 43 B
601 B 130ms
36ms Image
image/gif 2a05:d018:d29:3605:3a35:c032:6d7e:7081
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y_j9ibeAXIpyPdSTCIvtbQAABHwAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

rum
dsum.casalemedia.com/ Frame 6CF3
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1f031b81-4546-45e8-8daf-981a49436cc7&ssp=index
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b079f9b-9b21-4574-ba34-724e76ca314a&gdpr=&gdpr_consent=&us_privacy=

43 B
784 B

99ms
29ms

Image
image/gif

104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b079f9b-9b21-4574-ba34-724e76ca314a&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsB92bGlm7fBWA5hY2%2FUn4NCQ9l%2FHQIoWwCuhHNgLKdD5GJlXLvkwEYxhNHh%2FTxIb90u4tHQIl1AFmcGI88iqra8dLILShLirweR5Z74Q2VkEv%2F%2Fq5XgPtTfT%2FYxpspPUNRhp3Cp"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79ea283ede7c9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b079f9b-9b21-4574-ba34-724e76ca314a&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 24 Feb 2023 18:10:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 6CF3 43 B
353 B 61ms
14ms Image
image/gif 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y-j9ibeAXIpyPdSTCIvtbQAA%261148
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fenglish.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:17 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 60051
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79ea283adf9d912e-FRA
content-length: 43
expires: Sat, 25 Feb 2023 18:10:17 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 7EC5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent=

35 B
476 B

24ms
24ms

Document
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 24 Feb 2023 18:10:17 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 24 Feb 2023 18:10:17 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BD45
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&gdpr=0&gdpr_consent=

42 B
328 B

16ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 24 Feb 2023 18:10:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 24 Feb 2023 18:10:17 GMT
Expires: Fri, 24 Feb 2023 18:10:16 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 530 4e92630 master zrh-pixel-x27 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C8F4
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7438260330950267314

42 B
274 B

94ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7438260330950267314
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 24 Feb 2023 18:10:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7438260330950267314
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9DF7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

89ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 24 Feb 2023 18:10:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:10:16 GMT
expires: Fri, 24 Feb 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2159735
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A4DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bgtCvUYqTJSjvUB1XLWQXg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

26ms
17ms

Image
text/html

2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:17 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=162832
accept-ranges: bytes
content-length: 5554
expires: Sun, 26 Feb 2023 15:24:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A4DD
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

35ms
34ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame A4DD
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&addseg=19,36,42

0
0

74ms
15ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date: Fri, 24 Feb 2023 18:10:17 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A4DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkUwQjQyQkQtNDYyQS00Qzk0LUEzQkQtNDA3NTVDQjU5MDVF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

109ms
17ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 24 Feb 2023 18:10:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A4DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA5ibiltI-d4usnjB-L5J4o&google_cver=1

42 B
523 B

108ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA5ibiltI-d4usnjB-L5J4o&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 24 Feb 2023 18:10:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA5ibiltI-d4usnjB-L5J4o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame A4DD 43 B
610 B 81ms
17ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 23 Feb 2023 18:10:17 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A4DD 70 B
264 B 107ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DD
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7469139115461803530

42 B
297 B

69ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7469139115461803530
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 24 Feb 2023 18:10:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7469139115461803530
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 6E0B42BD-462A-4C94-A3BD-40755CB5905E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A4DD 43 B
426 B 110ms
34ms Image
image/gif 2a05:d018:d29:3605:3a35:c032:6d7e:7081
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/6E0B42BD-462A-4C94-A3BD-40755CB5905E?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A4DD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E0B42BD-462A-4C94-A3BD-40755CB5905E&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q0nWsgJE2uW8tsCVMcPabFvaS1DMY6Q-~A&gdpr=0

0
260 B

104ms
17ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q0nWsgJE2uW8tsCVMcPabFvaS1DMY6Q-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:53:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q0nWsgJE2uW8tsCVMcPabFvaS1DMY6Q-~A&gdpr=0
date: Fri, 24 Feb 2023 18:10:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F8AF 0
864 B 35ms
35ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:10:18 GMT
AN-X-Request-Uuid: 8b699b7d-a869-49bf-b9c4-64030534ee51
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A4DD 0
260 B 112ms
15ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=162179&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:10:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=45je32m0&_p=394712708&cid=775713787.1677262214&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=2&sid=1677262213&sct=1&seg=0&dl=https%3A%2F%2Fenglish.nv.ua%2F&dt=Ukraine%20News%20Premier%20Independent%20English-language%20Source%20%E2%80%94%20The%20New%20Voice%20of%20Ukraine&en=ad_impression&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&ep.query_id=CJrt6tPgrv0CFWyF_Qcdv7APWA&_et=760
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:10:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nv.ua/	1969-12-31 23:59:59	Name: test_variant_session Value: B
english.nv.ua/	1969-12-31 23:59:59	Name: b Value: b
.nv.ua/	1970-01-20 09:57:15	Name: dont_show_new_form Value: 1
.hit.ua/	1970-01-20 19:30:22	Name: uid Value: 1749802309.1677262213.2489276408
.nv.ua/	1970-01-20 12:03:58	Name: _gcl_au Value: 1.1.1052279997.1677262214
.nv.ua/	1970-01-20 19:23:10	Name: __gfp_64b Value: tRwqsh8VBVUTd_VTSs1qJOykG0_4AhzNjVWpwwxTYbT.Q7\|1677262213
.hit.gemius.pl/	1970-01-20 10:04:27	Name: Gtest Value: Klxb6RGGQMQGxcUcYBYRxd2issGMXP8c25nSGgliV5H7XBG.
.nv.ua/	1970-01-20 19:30:22	Name: _ga Value: GA1.2.775713787.1677262214
.nv.ua/	1970-01-20 09:55:48	Name: _gid Value: GA1.2.1791855393.1677262214
.nv.ua/	1970-01-20 09:54:22	Name: _dc_gtm_UA-51943557-1 Value: 1
server.smartytech.io/	1970-01-20 18:39:58	Name: uid Value: c62fc28a-3ab9-4b6f-a429-9561a3c6dc88
a4p.adpartner.pro/	1970-01-20 11:20:46	Name: apuid Value: ae3c0033-04e2-41ed-aa10-994825fe0316
.rubiconproject.com/	1970-01-20 18:39:58	Name: khaos Value: LEIUM73I-P-GNTR
.rubiconproject.com/	1970-01-20 18:39:58	Name: audit Value: 1\|naVuGyos1qrjHbuRnh49xz5APvdogVCbaTd6KyMQnaub55ZO9yeicwTZD0IovFUxdl7EMyLVF169QSxG1HSY5jH4Wm0It/pK8VDgR9k7j/Y=
.hit.gemius.pl/	1970-01-20 19:23:10	Name: Gdyn Value: KlQU9MGGQMQGxcUcYBYRxd2issGM11ocL6nxmG8cXWunlJaiGsRPtP7iGKGGqKB5gGllle82GGUrxFs_EFyGsG..
.nv.ua/	1970-01-20 19:15:58	Name: __gads Value: ID=d6f27eea2d07b287:T=1677262214:S=ALNI_MZIkfCfrTzENCgBbmV6kg_5BB8JnQ
.nv.ua/	1970-01-20 19:15:58	Name: __gpi Value: UID=00000bbb5b41846d:T=1677262214:RT=1677262214:S=ALNI_MZB_AQFs5cOm6YMg6knqjJL6wlgaQ
.nv.ua/	1970-01-20 19:30:22	Name: _ga_52RSPD3WMK Value: GS1.1.1677262213.1.0.1677262214.59.0.0
.doubleclick.net/	1970-01-20 19:15:58	Name: IDE Value: AHWqTUlwB3I3HzysDaD2IWp7XD3d6DCsLE_92ZPuHIHO7OOe2nCAbLsW32HOwlJli6w
.criteo.com/	1970-01-20 19:15:58	Name: uid Value: 7548faa3-40e5-4f90-b0fe-9bdbbc768b70
.nv.ua/	1970-01-20 19:15:58	Name: cto_bundle Value: eJFN219QUHNsTmVLJTJGT2RBblIzbzFCdVFsUzFaJTJCdG81OU5PVU55dTc4RGklMkY4VVlJTkkxTFZCN3F6bVJOMU9sS2o0R3haMnMlMkZwUjNuQXl5SFpFdjVVUVN1N2VXSFgzTXBrWUVWcHhLUjRrcERtNHZXZDBpV3NMelpIeFlDWDBkTmV6Zm8xbUdJV0s2WlBrWVIlMkZLTFBkQiUyQjhkV0ElM0QlM0Q
.doubleclick.net/	1970-01-20 09:54:25	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 12:03:58	Name: uuid2 Value: 6230506208691330978
.ads.pubmatic.com/	1970-01-20 09:55:48	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 18:39:58	Name: CMID Value: Y-j9ibeAXIpyPdSTCIvtbQAA
.casalemedia.com/	1970-01-20 12:03:58	Name: CMPS Value: 1148
.casalemedia.com/	1970-01-20 12:03:58	Name: CMPRO Value: 1148
.pubmatic.com/	1970-01-20 18:39:58	Name: KADUSERCOOKIE Value: 6E0B42BD-462A-4C94-A3BD-40755CB5905E
.pubmatic.com/	1970-01-20 12:03:58	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:55:48	Name: pi Value: 162179:2
.pubmatic.com/	1970-01-20 12:03:58	Name: DPSync3 Value: 1678406400%3A201_197_219_221
.pubmatic.com/	1970-01-20 12:03:58	Name: SyncRTB3 Value: 1678406400%3A13_71_220_21_7_161_54_56%7C1677801600%3A223%7C1678492800%3A35
.quantserve.com/	1970-01-20 12:03:58	Name: d Value: EHwBDQGvKLjvsQA
.quantserve.com/	1970-01-20 19:24:36	Name: mc Value: 63f8fd89-634d7-5b114-656a4
.onaudience.com/	1970-01-20 18:39:58	Name: cookie Value: 1b7807ce1ff4fe4e
.onaudience.com/	1970-01-20 09:55:48	Name: done_redirects147 Value: 1
.simpli.fi/	1970-01-20 18:41:24	Name: suid Value: 749F7B469D6145BA9AC57B2A73055945
.fiftyt.com/	1970-01-20 18:39:58	Name: fifid Value: cb4b7fea-5cf0-4440-4de7-cdc36b2dca54
.fiftyt.com/	1970-01-20 18:39:58	Name: cs Value: MTY3NzI2MjIxN3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fKQ89_tN9gi8I-aG6-8IPP54FiB5xu00zpja-GMqAshU
.adform.net/	1970-01-20 10:34:41	Name: C Value: 1
.de17a.com/	1970-01-20 18:32:46	Name: guid Value: 1.7438260330950267314
.fiftyt.com/	1970-01-20 10:04:27	Name: fppm Value: 20230224181017
.adform.net/	1970-01-20 11:20:46	Name: uid Value: 289425887409690184
.pubmatic.com/	1970-01-20 10:37:34	Name: KRTBCOOKIE_391 Value: 22924-7469139115461803530&KRTB&23263-7469139115461803530
.pubmatic.com/	1970-01-20 12:03:58	Name: KRTBCOOKIE_80 Value: 16514-CAESEA5ibiltI-d4usnjB-L5J4o&KRTB&22987-CAESEA5ibiltI-d4usnjB-L5J4o&KRTB&23025-CAESEA5ibiltI-d4usnjB-L5J4o&KRTB&23386-CAESEA5ibiltI-d4usnjB-L5J4o
.pubmatic.com/	1970-01-20 10:37:34	Name: KRTBCOOKIE_336 Value: 5844-7438260330950267314
.yahoo.com/	1970-01-20 18:40:19	Name: A3 Value: d=AQABBIn9-GMCEET-hmthI6SX9l6CHladoRIFEgEBAQFP-mMCZAAAAAAA_eMAAA&S=AQAAAvVm8neIAhXkUXNfiRLrKl8
.linkedin.com/	1970-01-20 18:39:58	Name: bcookie Value: "v=2&3cd6025a-34fe-4a88-84c1-5b5f8aa0d33f"
.linkedin.com/	1970-01-20 14:13:34	Name: li_gc Value: MTswOzE2NzcyNjIyMTc7MjswMjEG/xjO4jEGA/QMjm0esFZZAPjgE4TJS9iu1f4fiW45UA==
.linkedin.com/	1970-01-20 09:55:48	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2687:u=1:x=1:i=1677262217:t=1677348617:v=2:sig=AQGiX1REuknU95PcQm5jTFy1_vKj6E39"
.analytics.yahoo.com/	1970-01-20 18:39:58	Name: IDSYNC Value: 175w~2a6i
.mathtag.com/	1970-01-20 19:20:17	Name: uuid Value: ad1163f8-fd89-4b00-88d3-d5bdd628743b
.pubmatic.com/	1970-01-20 12:03:58	Name: KRTBCOOKIE_27 Value: 16735-uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&KRTB&16736-uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&KRTB&23019-uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b&KRTB&23114-uid:ad1163f8-fd89-4b00-88d3-d5bdd628743b
.pubmatic.com/	1970-01-20 10:37:34	Name: PugT Value: 1677262217
.amazon-adsystem.com/	1970-01-20 19:30:22	Name: ad-privacy Value: 0
.bidswitch.net/	1970-01-20 18:39:58	Name: tuuid Value: 5b079f9b-9b21-4574-ba34-724e76ca314a
.bidswitch.net/	1970-01-20 18:39:58	Name: c Value: 1677262217
.bidswitch.net/	1970-01-20 18:39:58	Name: tuuid_lu Value: 1677262217
.pubmatic.com/	1970-01-20 10:37:34	Name: SPugT Value: 1677261190
.amazon-adsystem.com/	1970-01-20 15:09:43	Name: ad-id Value: A64BMaN_EEJuuxk8JOnRpTY
.scoota.co/	1970-01-20 19:30:22	Name: tuuid Value: 1f031b81-4546-45e8-8daf-981a49436cc7
.scoota.co/	1970-01-20 19:30:22	Name: c Value: 1677262217
.scoota.co/	1970-01-20 19:30:22	Name: tuuid_lu Value: 1677262217

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gaua.hit.gemius.pl/xgemius.js(Line 826) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	URL: https://english.nv.ua/ Message: Refused to execute script from 'https://server.smartytech.io/icm.gif?uid=c62fc28a-3ab9-4b6f-a429-9561a3c6dc88' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
aud.pubmatic.com
b087db836265140778d4b1ab79e709f4.safeframe.googlesyndication.com
bidder.criteo.com
c.hit.ua
c1.adform.net
cdn.ampproject.org
cdn.indexww.com
cdn.membrana.media
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
english.nv.ua
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
l.getsitecontrol.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.scoota.co
region1.analytics.google.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
server.smartytech.io
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
sync.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ym-tack.b-cdn.net
104.18.11.47
104.18.24.185
104.18.25.185
13.248.245.213
137.74.6.209
138.199.37.230
142.250.185.162
146.59.148.16
146.59.30.100
167.235.242.31
178.250.0.157
178.250.0.163
18.156.0.31
18.193.14.187
185.29.132.245
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
198.47.127.20
2.18.36.193
2001:4860:4802:34::36
213.155.156.181
216.52.2.86
23.2.211.147
23.35.236.188
2400:52e0:1e00::1077:1
2400:52e0:1e00::722:1
2602:803:c003:200::21
2606:4700:10::ac43:175a
2606:4700::6810:7baf
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:400d:804::2001
2a00:1450:400d:807::2002
2a00:1450:400d:808::2008
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2004
2a00:1450:4025:401::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:2638::24
2a05:d018:d29:3605:3a35:c032:6d7e:7081
2a0c:5c81:5142::2
3.65.157.218
35.201.96.126
35.204.74.118
37.157.4.23
37.157.6.242
37.252.171.22
51.83.200.186
52.223.40.198
52.46.143.56
54.239.33.158
54.76.9.111
69.173.144.138
69.173.144.139
89.184.81.35
002026c4aedc98e03f1ce94c3cc275a7653f0d9334d0a45d64be8ca21a11216e
0078560fb70db9f6a543ef1931f3199823ccabecce8192327dadb79e6268a8d4
0286fa5153cf6692de386fe31fe795b0fd22b2aca342cc1251b66b874d6eead3
03cc8531ed409eee48cb2f62f80c722e2c1e4ff803e6a7e1bffe683e6f010ebe
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0665f414090e4203bebdb47967b08d4c1916fc2ecac612efb79031355ece5e89
0894101cdf14aa11278c9639e841fd566201d71e27c9aecd823e9df10bd3de34
0a9ba112bf0119332802a3e07071b6915195ef3c8a5831b6988c8e628e654825
0b8514c85c13a143e983c709b2f011704416baf80c4afc94e687438143852ce5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d71a2be08c3a1a6331707dbefc9deef6ce025f73f75722160cb4bcac3096aa9
0e23e8902170dabd5516362a21fa1689ad36afc94fa3e4ed6c530854a38733ee
1432a9b0f08ac714e4acf5a495e3283c25b4b7c4b4edffca41296198d7302b6a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
217a7412e297e8478ce2005c0bc572455b14879f5911bb2f6eb3dfd211cb95ad
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3
2dcdeb60a2feee504a9343ccfcb032c6f0686bbcdf50f20fb8098046a8ed3c4e
303e6a8016499ee0a3c3e2ba029734919d87e65dac32e1a9f148485dcc93e5b8
33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3787f769b61644ea4cb716b4e323b6451fe98bd09d403a8b8e7c74b1dce1f1b4
3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac
3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ec948efd08111b0015eb2e9a11331353a6f30521644c477ec8f9960159e2fa3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
4de61d5423b3ad2517dd96216dfc5beeff98863d13ecd83f4834730b2f270494
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
512b6ce8e25311fb923f0e978955b023d72cf702a1e16bea7d447c6eaa8924cf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
56becb003446d137266e23002bd3be22a8a4fc15d671eb98e023aa1ef34fd1d7
57515365b47a12d529c5335c7ae09f68591fed6b628f884f5cd3209774624c5a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5daa7147bedab953ea4ce84700907d7e788115cc6e16e559cd2f39f41cc8bd60
5f54d6a803a328aa24031e5fcc677057983af13f80d85e074ec401a7f4227c6f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cfbcc612feb4e41d3792c5630e579d89b1292f4095c057f97e40a7901f24ab
642d334d10b7eaac26b7d5b67f9ded7542cf9917c5514d91f4723aeae8c50555
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
72962354a0ceebce6b55756b3bd02d1427b852bf5a5b7d2ed4f6a2ebb4be9778
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7352bdfebb19c1b618dbaa6fe3b3032356ba9b7250fb792137cd597d7a34a22a
7459ac64908a624e52f3124789a288847482c26829404252458fd8216129be98
7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859990f25046d5238a2806fa319548a490d6a0ffaa4c24968301d218be55433e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91d48a0d28f5235e2be78a682208a932e5e4d0932ba728d2420be9e03c5a98fe
9571eb8e377428aa02593df2fe5264a0abb34754267076e2dce0ea56c33ab9cd
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
984d10ea99fbb1488b99ec5e3650320077dfe4bbc22e849c7706b15ab89c03c0
9c9f010903a67a5ab88918aa1fd66fb301564215cb51ba4191c214eabfa29793
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
9f3436a6889c23670fdf0ce9c6e511ed044f94336c54aa2e19fbbd2452340ad2
a00c9dd109d76fa26eb6e19cb079506d4d36b6d4867502960587ef38beb46af6
a300414b350e322ff57d76b9e673cc36c7d63df3d923cea3e3209b4d92d3cfab
a432fd4b8f028f0f90d4cdbeb56d71634519bcf3d1b9128e937a69f447c345f2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19ece088d69d369fb37f5b8f19228c96ae0ab55043679d162d2ced9be1e4039
b67260dcb0cf2f82daa913fd4f87b6272edbc656f3fc22b445287c928a38d7ad
b86d2278f42b16eaf21b1fc20165f2f53065349187b81ccfaf5417959d42e450
baf95d52d917f11b8ab6bb81a32762d97dcd1f107017910a9b66174e8a98ab7c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4ca26bfdaadbbda0b2a6e2cf960abb5698796c2936e9fbd4622bc8856a6657
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c691fbb0e8275c1dda83610d0cd3afedd6c0ff0bf6bfccf9a71feb95635335f8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce94eef1db9133cc5d3c46c0b6a83e8a304af5578bb60d35f861eae8146f3d96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d1fe4d746075564b96aace5b1f128c12929a66e4fa841e7903c7226be49769e5
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507
d76c0de81daa83a186eb4607d36d518d27045937fc36819c858576387d744ba4
dc50da0209bd1a4a5d6f47c76f0177be1b992f8a9a65011ab5afc6431b6bd867
e183f81222f4a423022bd5bf091afd5e9d9631c183e35626e41d7dfa7c09584a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53925268aa7139a98dcb248748447fa3e59528485f630fd4fcdee5ab35351e9
e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc
e733517b2d3d89acf4a9cabb7061550cace4949d4139488d079a0969d6938779
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a8ad9d568737a29441a56d2d51add5e722b7c8dd7b2711a8f634ea0d374bb3
f5acf9cfcf38ba42b5b3be60ffdacd0dd22bae946f9ecb249b1340c2575cd9cb
fbbf779ffbc6552caf59d897c38bb535a0a7939c345fa0d6c97cc2c00e6fef83

english.nv.ua Open in urlscan Pro 2606:4700:10::ac43:175a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

82 %HTTPS

36 %IPv6

40 Domains

72 Subdomains

57 IPs

14 Countries

1605 kBTransfer

3657 kBSize

63 Cookies

10 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

english.nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

82 %
HTTPS

36 %
IPv6

40
Domains

72
Subdomains

57
IPs

14
Countries

1605 kB
Transfer

3657 kB
Size

63
Cookies

142 HTTP transactions
1 data transactions