Submitted URL: http://nbnews.com.ua/
Effective URL: https://nbnews.com.ua/
Submission: On March 16 via api from GB — Scanned from GB

Summary

This website contacted 57 IPs in 10 countries across 51 domains to perform 233 HTTP transactions. The main IP is 136.243.1.199, located in Germany and belongs to HETZNER-AS, DE. The main domain is nbnews.com.ua. The Cisco Umbrella rank of the primary domain is 897122.
TLS certificate: Issued by R3 on January 19th 2022. Valid for: 3 months.
This is the only time nbnews.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 80 136.243.1.199 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
8 45.133.44.4 7018 (ATT-INTER...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.111.96.44 7979 (SERVERS-COM)
4 2a03:90c0:41:... 199524 (GCORE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 142.250.184.226 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 146.0.227.109 20773 (GODADDY)
1 81.17.55.98 60781 (LEASEWEB-...)
2 51.89.9.252 16276 (OVH)
1 54.36.238.155 16276 (OVH)
1 145.40.89.200 54825 (PACKET)
1 2.21.111.28 16625 (AKAMAI-AS)
2 72.251.249.14 29791 (VOXEL-DOT...)
1 178.250.2.131 44788 (ASN-CRITE...)
6 37.252.172.45 29990 (ASN-APPNEX)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.174.47.89 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 151.101.130.49 54113 (FASTLY)
1 7 216.58.214.2 15169 (GOOGLE)
2 5 15.197.193.217 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 64.74.236.95 19024 (INTERNAP-...)
1 54.77.53.105 16509 (AMAZON-02)
1 1 18.195.162.156 16509 (AMAZON-02)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 1 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 104.111.239.217 16625 (AKAMAI-AS)
2 46.236.13.147 12703 (PULSANT-AS)
1 18.66.97.126 16509 (AMAZON-02)
2 37.157.3.28 198622 (ADFORM)
4 144.76.128.227 24940 (HETZNER-AS)
2 52.30.107.253 16509 (AMAZON-02)
1 7 2.18.234.21 16625 (AKAMAI-AS)
2 151.101.129.108 54113 (FASTLY)
1 1 198.148.27.140 19189 (PULSEPOINT)
4 185.86.139.115 201081 (SMARTADSE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 35.244.174.68 15169 (GOOGLE)
1 1 162.254.186.187 33695 (SCALEMATRIX)
1 2 209.54.177.54 16509 (AMAZON-02)
1 1 52.3.176.75 14618 (AMAZON-AES)
1 37.157.6.241 198622 (ADFORM)
1 1 3.214.98.210 14618 (AMAZON-AES)
233 57
Apex Domain
Subdomains
Transfer
80 nbnews.com.ua
nbnews.com.ua — Cisco Umbrella Rank: 897122
667 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
307 KB
16 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
219 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2174
ad4m.at — Cisco Umbrella Rank: 1742
assets.ad4m.at — Cisco Umbrella Rank: 32740
594 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
acdn.adnxs.com — Cisco Umbrella Rank: 523
40 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
8 KB
8 gravitec.net
cdn.gravitec.net — Cisco Umbrella Rank: 24268
id.gravitec.net — Cisco Umbrella Rank: 119045
56 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 409
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
7 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
2 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1227
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 603
8 KB
5 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 39073
inv-nets.admixer.net — Cisco Umbrella Rank: 2365
84 KB
4 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 13678
98 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 adform.net
adx.adform.net — Cisco Umbrella Rank: 4064
c1.adform.net — Cisco Umbrella Rank: 524
738 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18655
api.webgains.io — Cisco Umbrella Rank: 47350
51 KB
3 gstatic.com
www.gstatic.com
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
2 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 35662
87 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 528
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
2 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 91678
static-de.ad4mat.net — Cisco Umbrella Rank: 128562
4 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
59 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
72 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
914 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
740 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 797
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1689
24 KB
2 gravitec.media
cdn.gravitec.media — Cisco Umbrella Rank: 42794
api.gravitec.media — Cisco Umbrella Rank: 34641
2 KB
2 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 39071
ui.cleverwebserver.com — Cisco Umbrella Rank: 42260
52 KB
2 optad360.io
get.optad360.io — Cisco Umbrella Rank: 24237
220 KB
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1459
546 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1190
376 B
1 trafficroots.com
demand.trafficroots.com — Cisco Umbrella Rank: 4611
633 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 565
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438
487 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 517
440 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13937
705 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 39676
629 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39406
688 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
354 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 611
35 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
536 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
422 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130
175 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1055
345 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7456
785 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
1 KB
1 adriver.ru
content.adriver.ru — Cisco Umbrella Rank: 43212
5 KB
233 51
Domain Requested by
80 nbnews.com.ua 1 redirects nbnews.com.ua
serving.stat-rock.com
11 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
10 pagead2.googlesyndication.com nbnews.com.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
www.googletagservices.com
7 cm.g.doubleclick.net 1 redirects fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
7 cdn.gravitec.net nbnews.com.ua
cdn.gravitec.net
6 assets.ad4m.at as.ad4m.at
6 ib.adnxs.com get.optad360.io
acdn.adnxs.com
5 match.adsrvr.org 2 redirects fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
get.optad360.io
ssum-sec.casalemedia.com
5 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
nbnews.com.ua
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 rtb-csync.smartadserver.com
4 serving.stat-rock.com get.optad360.io
4 ad4m.at as.ad4m.at
ad4m.at
4 gum.criteo.com 2 redirects static.criteo.net
4 as.ad4m.at fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 cdn.admixer.net nbnews.com.ua
cdn.admixer.net
3 mug.criteo.com
3 www.gstatic.com googleads.g.doubleclick.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.google-analytics.com nbnews.com.ua
www.google-analytics.com
3 fonts.googleapis.com nbnews.com.ua
googleads.g.doubleclick.net
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 acdn.adnxs.com get.optad360.io
2 js-sec.indexww.com get.optad360.io
ssum-sec.casalemedia.com
2 api.webgains.io analytics.webgains.io
2 adx.adform.net get.optad360.io
2 track.webgains.com as.ad4m.at
2 b1sync.zemanta.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 static.criteo.net get.optad360.io
static.criteo.net
2 www.google.com tpc.googlesyndication.com
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
2 fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 ap.lijit.com get.optad360.io
2 onetag-sys.com get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 get.optad360.io nbnews.com.ua
get.optad360.io
1 sync.extend.tv 1 redirects
1 c1.adform.net ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ssum-sec.casalemedia.com js-sec.indexww.com
1 demand.trafficroots.com 1 redirects
1 id.rlcdn.com
1 dsp.adfarm1.adition.com 1 redirects
1 bh.contextweb.com 1 redirects
1 analytics.webgains.io track.webgains.com
1 www.awin1.com as.ad4m.at
1 pb.media01.eu as.ad4m.at
1 pv.medialead.de 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 match.sharethrough.com 1 redirects
1 ads.yieldmo.com fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 prod-rtb.ad4mat.net nbnews.com.ua
1 api.gravitec.media cdn.gravitec.media
1 ui.cleverwebserver.com nbnews.com.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 prebid-eu.creativecdn.com get.optad360.io
1 bidder.criteo.com get.optad360.io
1 htlb.casalemedia.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 rtb.adxpremium.services get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 inv-nets.admixer.net get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 cdn.gravitec.media cdn.gravitec.net
1 id.gravitec.net cdn.gravitec.net
1 scripts.cleverwebserver.com nbnews.com.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 content.adriver.ru nbnews.com.ua
233 72

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
vk.com
www.optad360.com
Subject Issuer Validity Valid
nbnews.com.ua
R3
2022-01-19 -
2022-04-19
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2
2021-03-04 -
2022-04-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.optad360.io
Amazon
2021-11-17 -
2022-12-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018
2020-04-03 -
2022-04-24
2 years crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2021-06-08 -
2022-06-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-24 -
2022-06-23
a year crt.sh
cdn.gravitec.media
R3
2022-01-24 -
2022-04-24
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2021-08-05 -
2022-09-05
a year crt.sh
*.a-mo.net
R3
2022-02-18 -
2022-05-19
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-04 -
2022-05-03
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-04-12
a year crt.sh
*.google.de
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
api.gravitec.media
R3
2022-02-15 -
2022-05-16
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
www.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-02 -
2022-05-03
3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2022-02-19 -
2022-05-20
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.yieldmo.com
Amazon
2021-05-25 -
2022-06-23
a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA
2021-06-11 -
2022-06-16
a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
*.webgains.io
Amazon
2022-02-10 -
2023-03-11
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
serving.stat-rock.com
R3
2022-02-27 -
2022-05-28
3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4
2021-05-10 -
2022-06-11
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-18 -
2022-07-13
6 months crt.sh

This page contains 23 frames:

Primary Page: https://nbnews.com.ua/
Frame ID: EC884500F96EF6FC66BE14B483FDCEF4
Requests: 147 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Frame ID: C7238D7062533EBEF1B54E89650F62AC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: DB5A7430612A2C664588FB0D7073E2C2
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 192F777F9C6D8838F884F034AD4C2C9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6038107135689365&output=html&adk=1812271804&adf=3025194257&lmt=1647407810&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fnbnews.com.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647407810104&bpp=3&bdt=810&idt=393&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6990835704908&frm=20&pv=2&ga_vid=564873915.1647407810&ga_sid=1647407811&ga_hid=1390477920&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C21066428%2C44756894&oid=2&pvsid=1556709287448595&pem=42&tmod=1225392222&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=412
Frame ID: C1E21CE8550A97D23F9BAE488DF654A0
Requests: 1 HTTP requests in this frame

Frame: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E5B29453D15E878461EE38293EDC56AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Frame ID: AC0855946B648374E00C273F4A8C77F2
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B4B2665FF210FE6CB99082C73F037784
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD2E678E335A66E4A4F1DE99799BFED4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ECB6700EB610DF41D52859CB20C2BA30
Requests: 2 HTTP requests in this frame

Frame: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4D2B8C4F945FF71DA641387DA9A65917
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gjhjdfjsjapr33w4zmbm3vq16mzwbwwrv2ezm5hq0nnerybrc0j598mbjesgcawpq1q1qv8avsybxxaydphk5d0mhqfbv7p74z6xfdnq80sy6vaarj5m76dnzs6znw8hmspjpay0k3xh5a2rk4zcsjd8twq3q0ehfxbmbd1xxncpjdh9h30jg8nqhbypnzk18ajtxnwx6hrnvw5nwa89kaxp90rcf6ck03ggw4aghm4n9xkmecf07rjrzr7cqe38bkf4g7qnrarar8n8x28h4p8tma0e1bkdzt690t44d067dvr2qd5w7sf949j95w4hnhqr8536e6y0zdqrej4374fnxyrwgmwcykf5xjx78f9ahk5hnhxxbxqf71705hesfbhp36b5vdnwz2vfbv0jhm4b605cdmy414k4shjetebqtbasgn9tt6fynw8dcwjrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%26client%3Dca-pub-5512390705137507%26adurl%3D
Frame ID: 3FF21F865638BCEDC46F53FC31B25942
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FFB79DF68F7DF926E185B7741C17825E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
Frame ID: E1D0868F0C468F119D39E6CA97F7519B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nbnews.com.ua
Frame ID: 99850A0D695953120FBD563225FC1712
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 93EF82BCE60F0CFE55E537B2F5D426F1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Frame ID: 84220AA4FA246C79F88F03B58D2AB575
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1647407810684&gdpr=0
Frame ID: D4D56E0FA948866572BF45946DF7E0D8
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D82DE4FFF91DFA2FE25795FFF9B83F3B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4BD03434D34BC076004245AB11FC5C45
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 91E752B0519C0337BB27CEEF9E00086D
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408698
Frame ID: 392BEB5ED9B6EA1727389F66B3BCAB1A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7EAEB420E6D88BAF09428608581084C6
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Национальный Банк Новостей — свежие новости, главные события сегодня в Украине за 24 часа

Page URL History Show full URLs

  1. http://nbnews.com.ua/ HTTP 301
    https://nbnews.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

233
Requests

92 %
HTTPS

37 %
IPv6

51
Domains

72
Subdomains

57
IPs

10
Countries

2715 kB
Transfer

6602 kB
Size

48
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nbnews.com.ua/ HTTP 301
    https://nbnews.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMHA7-fsULf5BGp2GNg2xVI&google_cver=1&google_push=AYg5qPLOVI8H2zBAUQJhv279jQ1uRM902krGyCz3TtEQJ3XZNzTTg46WeCJooVM20ywxRy_1PdMdJmccfMdQzKeh0r8GRH8n6s8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMHA7-fsULf5BGp2GNg2xVI&google_push=AYg5qPLOVI8H2zBAUQJhv279jQ1uRM902krGyCz3TtEQJ3XZNzTTg46WeCJooVM20ywxRy_1PdMdJmccfMdQzKeh0r8GRH8n6s8
Request Chain 163
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENhb-eTjW-Ws8Zg4FJOLVto&google_cver=1&google_push=AYg5qPIOfIRJHGnqlYoxK8n-Yt2Xu74B0pkSAi6sjSEOd4botsxPLSU2cKLtj2lS8X8PMPpu4jvoLkrRIZJTNlMtLXy-H3fimQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIOfIRJHGnqlYoxK8n-Yt2Xu74B0pkSAi6sjSEOd4botsxPLSU2cKLtj2lS8X8PMPpu4jvoLkrRIZJTNlMtLXy-H3fimQ&google_hm=NDE1NTg3ODA0NTA1NjI1NTQyOA%3D%3D
Request Chain 164
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEG3Q2iCAE44JRSQsEovRLiw&google_cver=1&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCfajZKCn6X9ssgg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEG3Q2iCAE44JRSQsEovRLiw&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCfajZKCn6X9ssgg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCfajZKCn6X9ssgg&google_hm=Y2M4TlBHWW54TUxhWGl4YWFxMUE=
Request Chain 165
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_cver=1&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg
Request Chain 167
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDpAFSNCIhpFKxtbkKRqhZc&google_cver=1&google_push=AYg5qPLBaG02WDQmZiNJ0gV2JHk7-A2tCEoikJq_p3i6tfeoIQhDTKqz2OwJbmRoKZq8oWqTG15-M6hGByYF5moeDSiMXTuq2Ghy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjY1YWQwMDQtYTk4OS00OTNjLWEyZTUtZDQ1MjczMTdhZmEy&google_push=AYg5qPLBaG02WDQmZiNJ0gV2JHk7-A2tCEoikJq_p3i6tfeoIQhDTKqz2OwJbmRoKZq8oWqTG15-M6hGByYF5moeDSiMXTuq2Ghy
Request Chain 176
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nbnews.com.ua&sn=ChromeSyncframe&so=0&topUrl=nbnews.com.ua&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=rTkdTXxFVzJwQmJMWlU0aTV3d1FhNmJJTmhwZG1HZGRQM0R5R2dVK2tmK011bjJSTjJHMzFueHhMdU9oNDMwQzQxZUVUNGxEOVZPaGJ4WkUwRnFwU05hQWZxNTArZXhiemtMbWZ0YU5xK2QyQWx1RUw2bXd4NklJL29JMzVTeVMzSVppZVcwclVnSWVkaVhMWW05enJNZGQ2Uldwb0RSUFZ6ZUJOZzFudCs0cTlYSUdEaFpQM3YvZDJMSHRwdEV3clZCUGw4R0pIZEk0eEtkNzR3WE5OOWtBM2phTlg3RXFyZUJzNkFoZUhVRlNtaUJZUnU2KytDVERXWGRNWXdkR25PNUFjd3YyT1dJTHVGL2djaS9oTUdzQ29Jdz09fA&cppv=2
Request Chain 185
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidP5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746oneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidP5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746oneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Request Chain 202
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnbnews.com.ua%2F&domain=nbnews.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=JMZF63w2QnowTkV2QVVYSHBHMDVya1ltVlpqYTFRcGFaRk5ieEk0d3RwcjhCZk0rbkc1L1hnNVlrRmNnWWlTUTV3eUVZL2FqdEdDamZDNzcrZHgyTmx2T0lDNnRvajI3OUpRdnhuK2ZuS3JkL09SVTNQS0RmVTkvL3ZsaXZScHJWUDBucmpxQmFFREQwV05xYkJqTTIzYkRXSFpPZXhRQXVWSGhiN0JxWEF0c0tyZ0QwMlZ5L0JGOTdlZzNsNGUrcG53SnhRTFZoNGZrMWRGWE9sbFQ0d29MVTZxdzJsZlV5SFV0SHZBRFUwYlNmQnBuMWprb1UrdXlGRTMyVVBLZmdnVEprdGtMazk5NjRYWC9CWDdxYk5aNXkzZz09fA&cppv=2
Request Chain 209
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fJmcA450kmO0&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 210
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7075562684309174417&gdpr=0&gdpr_consent=
Request Chain 212
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=9bfada24aa&gdpr=0&gdpr_consent=
Request Chain 213
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=fac4c61e-8efd-4abd-97a4-5a11ddd7caa0&gdpr=1&gdpr_consent=
Request Chain 223
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjFywwCwPvVY2M7NjdbxTwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAus1qhm3CoIH5OjLMZIDNA&google_cver=1&gdpr=1
Request Chain 225
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&dcc=t
Request Chain 226
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5c1069fd-5149-41e2-a380-a442c74c4f7d&expiration=1678943814
Request Chain 229
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3caf8e2e-7f7e-4c82-b17c-1ca627d26414

233 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nbnews.com.ua/
Redirect Chain
  • http://nbnews.com.ua/
  • https://nbnews.com.ua/
289 KB
46 KB
Document
General
Full URL
https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 / PHP/7.4.28
Resource Hash
b60053fce592c08ae613dee226aef1d242bc025ef3c5d43119a4170c972bd1e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
nginx/1.18.0
Date
Wed, 16 Mar 2022 05:16:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.4.28
Link
<https://nbnews.com.ua/wp-json/>; rel="https://api.w.org/", <https://nbnews.com.ua/wp-json/wp/v2/pages/378292>; rel="alternate"; type="application/json", <https://nbnews.com.ua/>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.18.0
Date
Wed, 16 Mar 2022 05:16:48 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://nbnews.com.ua/
style.min.css
nbnews.com.ua/wp-includes/css/dist/block-library/
81 KB
12 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Feb 2022 23:30:54 GMT
Server
nginx/1.18.0
ETag
W/"6215722e-145a9"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
style.css
nbnews.com.ua/wp-content/themes/jnews/
427 B
622 B
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/style.css?ver=5.9.2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
31ad828e2003fae096373bbc762bcf87b6c10c73a37768d2862557050f9a6c04

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1ab"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.6
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3f5634006d2a628e829de3ddec0f44de5206a017a8019b46c5783847463c0ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 04:19:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 05:16:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 05:16:49 GMT
font-awesome.min.css
nbnews.com.ua/wp-content/themes/jnews/assets/fonts/font-awesome/
30 KB
7 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/font-awesome/font-awesome.min.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
f29d52fcae1ca1d3425e7a612323c8b59a69cb3191fd5fd5535362a0ab25e7b6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-7918"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jegicon.css
nbnews.com.ua/wp-content/themes/jnews/assets/fonts/jegicon/
3 KB
961 B
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
ec9d8c907138c1545c1e92a42a86e0fc451ecedf5259d0562ec2192429092451

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-aff"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.jscrollpane.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
1 KB
801 B
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/jquery.jscrollpane.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
1a3c7aa57ca5e0ab462f42b45b90da3ff2e1b22f46a6d2a902018ecd874f82c2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-4ae"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
okayNav.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/okayNav.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
d85ca8586e1f1cb0d61a05cc405d33700aef58f7bdc9e71ef6b68323b7604ef6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-ab9"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
magnific-popup.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/magnific-popup.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
2948481022d708e82719cfcd81524c45a552e648e7b0c556926d117dd15fdd60

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1609"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
chosen.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/chosen/
11 KB
3 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/chosen/chosen.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
44398587b3d4b1a7ec6f1d30c13c37d8a3f3f7825a2dc36c97d0f499653a788b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-2ac8"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
main.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
237 KB
41 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
f6a4585e2465177bbddcde638405c9d549c2c59854043355d75013ade5988c71

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-3b495"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
sidefeed.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/sidefeed.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
acc275fad85f59a2e747aad534320abc9f33fdce217db0275391d829b519db54

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-15cd"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
responsive.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/responsive.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
b6aebdce6f243a2fd13336d91c9e8c03f9d128ac528d5b64929b2eddf475a105

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-2f1a"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
pb-temp.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
29 KB
4 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/pb-temp.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
55e21ada9415874ff9a81d89495061325971d3e9856f3806e0dfa20f33b8bc61

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-72c5"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
style.css
nbnews.com.ua/wp-content/themes/jnews-child/
566 B
597 B
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews-child/style.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
5bf97de8ad6bc93b3c21dc853b405253b32668272e36f8624d209ce143681538

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:11:25 GMT
Server
nginx/1.18.0
ETag
W/"619d670d-236"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
darkmode.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
45 KB
7 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
c59426a4df232c037668bb50cb20438ca14c5b118dfe756ab38d18f5bd204f05

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-b576"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
plugin.css
nbnews.com.ua/wp-content/plugins/jnews-social-login/assets/css/
2 KB
927 B
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=10.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 23:09:07 GMT
Server
nginx/1.18.0
ETag
W/"619d7493-94e"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
plugin.css
nbnews.com.ua/wp-content/plugins/jnews-weather/assets/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/plugins/jnews-weather/assets/css/plugin.css?ver=10.0.1
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
8090175413e5704419b0395fd14158a2c699d36f1deeb67083f1dcde74166c94

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 23:09:18 GMT
Server
nginx/1.18.0
ETag
W/"619d749e-35dd"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.min.js
nbnews.com.ua/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://nbnews.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Nov 2021 21:04:12 GMT
Server
nginx/1.18.0
ETag
W/"6190284c-15db1"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery-migrate.min.js
nbnews.com.ua/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://nbnews.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Nov 2021 21:04:12 GMT
Server
nginx/1.18.0
ETag
W/"6190284c-2bd8"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
tracking-analytics-events.js
nbnews.com.ua/wp-content/plugins/google-analytics-dashboard-for-wp/front/js/
5 KB
1 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/plugins/google-analytics-dashboard-for-wp/front/js/tracking-analytics-events.js?ver=5.3.10
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
93fa80cd61b11ae585be27bd7a1f96f41d51b1535d4d5fbed35af95e5a35affc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 17:42:55 GMT
Server
nginx/1.18.0
ETag
W/"5defd91f-1264"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
adriver.core.2.js
nbnews.com.ua/javascript/
6 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/javascript/adriver.core.2.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
1b748b2a19ea102ecb1c5116d2dab223a338064511efe1b955a5d0b1c7863b0b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Jan 2019 14:53:31 GMT
Server
nginx/1.18.0
ETag
W/"5c45dceb-183e"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
client.js
cdn.gravitec.net/storage/63390a2a940b05076f34657e50682643/
64 KB
18 KB
Script
General
Full URL
https://cdn.gravitec.net/storage/63390a2a940b05076f34657e50682643/client.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
d555ab9308ca727a44141137142a7a22048ade77ea2aeba0a4ca4c76a080ce32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:05:12 GMT
server
nginx
etag
W/"61fa4948-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:44 GMT
cache-control
max-age=10
x-proxy-cache
REVALIDATED
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
153 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d73731182b06107c43ca0d8ba1958f596cf4fed84f6fb0f91fcb6c6c1e93065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53725
x-xss-protection
0
server
cafe
etag
10881882507671443474
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 05:16:49 GMT
plugin.min.js
get.optad360.io/sf/564a6519-2a0d-11e9-9ba0-06dc070e0e6e/
285 KB
59 KB
Script
General
Full URL
https://get.optad360.io/sf/564a6519-2a0d-11e9-9ba0-06dc070e0e6e/plugin.min.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20e110dfbc5b5c28fdd7264ebf9b9625a37573f7ee25780a8f15a6a1a2937cce

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 04:41:40 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 04:04:52 GMT
server
AmazonS3
age
2110
etag
W/"4934563eabfb82bc9f9c52c64e34d776"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
h7txmqT9qKUuwR_n0TfMc9b7msVwqpQGDYKQ6pD41bFHZstEfvAUFA==
cropped-nbnews-1.png
nbnews.com.ua/wp-content/uploads/2021/11/
54 KB
54 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2021/11/cropped-nbnews-1.png
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
212549ce234b65bb0a48f911f4b91ae7ed4dbd88bb16beba7eec5c1911fb9ac4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Last-Modified
Tue, 23 Nov 2021 23:33:10 GMT
Server
nginx/1.18.0
ETag
"619d7a36-d6bc"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54972
Expires
Thu, 17 Mar 2022 05:16:49 GMT
logo.png
nbnews.com.ua/wp-content/uploads/2022/01/
55 KB
55 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/01/logo.png
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
26d2d474363e0eaf6e003b28b5d9ce56c11422c6d57b90f8438d7d61ca785500

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Mon, 24 Jan 2022 12:37:25 GMT
Server
nginx/1.18.0
ETag
"61ee9d85-dc32"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56370
Expires
Thu, 17 Mar 2022 05:16:50 GMT
wp-emoji-release.min.js
nbnews.com.ua/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://nbnews.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Nov 2021 21:04:12 GMT
Server
nginx/1.18.0
ETag
W/"6190284c-4705"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
jquery.modal.min.css
nbnews.com.ua/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/
3 KB
2 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.css?ver=4.3.25
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 22:00:59 GMT
Server
nginx/1.18.0
ETag
W/"61ddfe1b-c81"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
tiny-slider.css
nbnews.com.ua/wp-content/themes/jnews/assets/js/tiny-slider/
2 KB
1003 B
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
c5310fe55b411c576b30cda56f82773bc7227cf7dc069cbd80810968d9172ba8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-80a"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jnewsglobalslider.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/slider/
4 KB
1 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/slider/jnewsglobalslider.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
953d297714ff8be59e2ee663f52a3ca5ec31e35f9873497b64d7db9784011e6f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-e61"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jnewsvidplaylist.css
nbnews.com.ua/wp-content/themes/jnews/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/jnewsvidplaylist.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e8120fc8c7e91c95a395f16edeaed21f80f643be594d6849c7f8e59d50f3880b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-31a8"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
scheme.css
nbnews.com.ua/wp-content/themes/jnews/data/import/news/
619 B
674 B
Stylesheet
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/data/import/news/scheme.css?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
9029f73a96c2d4c217f576b0112e4904b012dac75a997fae34508f2c8be7848c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-26b"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
comment-reply.min.js
nbnews.com.ua/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-includes/js/comment-reply.min.js?ver=5.9.2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Feb 2022 20:52:30 GMT
Server
nginx/1.18.0
ETag
W/"61f99d8e-ba3"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
hoverIntent.min.js
nbnews.com.ua/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://nbnews.com.ua/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
491ee20092ce969e6785601ae4595748d4ac5ee4df19012b19b77de6c9dfd357

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Feb 2022 20:52:30 GMT
Server
nginx/1.18.0
ETag
W/"61f99d8e-5dc"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
imagesloaded.min.js
nbnews.com.ua/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 21:01:37 GMT
Server
nginx/1.18.0
ETag
W/"5f500831-15fd"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
isotope.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
34 KB
10 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/isotope.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
ada513423b09166196cade2ad91682690576b91d2ee01181e7bfabbc2144c241

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-8956"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
lazysizes.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
7 KB
3 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/lazysizes.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
9ab6fe2bf97ae3218625c1b808abaad9f40936b9780a22428d8daf42144cdd09

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1b0e"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
ls.bgset.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
3 KB
1 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/ls.bgset.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
1cecf6aff3799676afbba5d917af1ed2ba13d4cb15431ba6ac1a32a27cb7aa58

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-aef"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
superfish.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
5 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/superfish.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
8edd2a4a88a1b0385e933707d56f890eb25a2271e0c5bccafbf0c79349d8dc09

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-14a1"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
theia-sticky-sidebar.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
5 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/theia-sticky-sidebar.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
108e6d6c4ea55806131a27ea4478bf568a1b98a43b40626cb27eff103837a4a2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-14bb"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.waypoints.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
9 KB
3 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.waypoints.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
d9e32d14eae4dd2bf3e342e71c482cb607435898e7d0b5720c3b638683f22b2d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-2308"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.scrollTo.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
3 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.scrollTo.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
8fe5c08e7851e25f6bd19661fd428e22af9c272bb613364c0ee28e98abcb62e8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-a47"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.parallax.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
564 B
684 B
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.parallax.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
1285fa0d3efa9b784623a0ee0575627ae18e2dba5545321767925eb3445b3d15

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-234"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.okayNav.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
8 KB
3 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.okayNav.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
3986290ba6333667dae9d7466d47e7e058abe1f1622d50d357a20b89710ae614

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1e29"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.mousewheel.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
3 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.mousewheel.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
bd01c0244978d00755375e967677b6c64d069ee054dcc2b37d5279445eb77b75

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-ad2"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
modernizr-custom.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
17 KB
7 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/modernizr-custom.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
3781ba82228dbf3f5cf9664287cb8b0a7b8d20a5224c54d8a6a5f26c7cc2f1db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-427c"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.smartresize.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
267 B
560 B
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.smartresize.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
edee0332b3323e1e756dfcaf260677b4962f02b6941a62db78b5928622517574

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-10b"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
chosen.jquery.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
28 KB
7 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/chosen.jquery.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
858acfc3ca76457634a9b3a39c08129336cbd8ad964b9a6eaf3668eccd520d29

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-70f6"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.magnific-popup.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
20 KB
7 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.magnific-popup.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
ff818d9d92ee77b1976869ddb607b3557c64eecae2806497b96afe2af76ed0ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-4ebc"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.jnewsgif.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
1 KB
900 B
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.jnewsgif.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
4b782cac9a76a4137f6a94ed25c97d1df386ad8866192f86c2bc1136c10627d5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-477"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:49 GMT
jquery.jsticky.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
2 KB
1 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.jsticky.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
b91d4596d3de758cc68c99f3df2859d33e3bf6046ea9648db5bba52f22f92e7c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-680"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
jquery.transit.min.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
8 KB
3 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.transit.min.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1e96"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
jquery.module.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
8 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.module.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
904b7839b8a28b823a7c1a74b3093f51eed791d356e28134f97db09d39ced2ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1eaf"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
main.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
44 KB
12 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/main.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
533188c8bfc88b380a888caf14b8248653daa846e1dd184a0665964cf97484dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-aef9"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
jquery.jscrollpane.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
14 KB
5 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jquery.jscrollpane.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
8b8a59460848f2c4ce056fb0fa736158af0dfc27e2f8e4bcc3e51987a57fcdbb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-38b6"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
sidefeed.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
7 KB
3 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/sidefeed.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
b6442b32bc51bcbc78e248896eae4b46ae5bf1842e460c4a65aa5bb8847d6b5d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1cff"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
darkmode.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
3 KB
1 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/darkmode.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
d08d8bf8cbf6836a524b19e04a2f343506c3d92e3b9dc66f5f52c4786ce15439

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-d10"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
plugin.js
nbnews.com.ua/wp-content/plugins/jnews-social-login/assets/js/
990 B
842 B
Script
General
Full URL
https://nbnews.com.ua/wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=10.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
c1242fa94be3c8b4f77e19e0098a00ce4714e76b48fcf9fb6c6fb95e978bc5df

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 23:09:07 GMT
Server
nginx/1.18.0
ETag
W/"619d7493-3de"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
plugin.js
nbnews.com.ua/wp-content/plugins/jnews-weather/assets/js/
3 KB
1 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/plugins/jnews-weather/assets/js/plugin.js?ver=10.0.1
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
14fda626da796ba6001f41a90c37863699bb447ee82d31ca8a9ae561e9abfdef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 23:09:18 GMT
Server
nginx/1.18.0
ETag
W/"619d749e-ba4"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
jquery.modal.min.js
nbnews.com.ua/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/
5 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.js?ver=4.3.25
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 22:00:59 GMT
Server
nginx/1.18.0
ETag
W/"61ddfe1b-136e"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
tiny-slider.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/tiny-slider/
32 KB
13 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
834f36e331c276d5f1f5ad0f25c293b00512410612cddf6e6e2266bb4df43f3f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-7eb6"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
tiny-slider-noconflict.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/tiny-slider/
251 B
488 B
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider-noconflict.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
b932a10c6814724741c5dcfb0fd8bb70ff95946a13a2e2acecbdfc4d10240f92

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-fb"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
jnewsvidplaylist.js
nbnews.com.ua/wp-content/themes/jnews/assets/js/
5 KB
2 KB
Script
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/js/jnewsvidplaylist.js?ver=1.0.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
853027a57de2415798f65d5695e6b8f81debcc9dfce493d3cd1ba7df02bbfe1a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
W/"619d6684-1500"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 17 Mar 2022 05:16:50 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4323
date
Wed, 16 Mar 2022 04:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Mar 2022 06:04:46 GMT
autoUpdate.adriver.js
content.adriver.ru/plugins/
5 KB
5 KB
Script
General
Full URL
https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/javascript/adriver.core.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.96.44 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:49 GMT
last-modified
Fri, 24 Dec 2021 11:24:04 GMT
server
nginx
etag
"61c5add4-1455"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
5205
expires
Wed, 16 Mar 2022 06:16:49 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Wed, 16 Mar 2022 05:16:49 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:43 GMT
server
nginx
etag
W/"621a6a17-2c0e6"
x-cached-since
2022-03-16T05:11:32+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Sat, 26 Feb 2022 18:08:55 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/gif
preloader.gif
nbnews.com.ua/wp-content/themes/jnews/assets/img/
4 KB
5 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/img/preloader.gif
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
d64e383dfb28ce7e37cba7ddf8dc33b90802fb1840a887c030f1af0b0047715a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
"619d6684-112f"
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4399
Expires
Thu, 17 Mar 2022 05:16:49 GMT
fontawesome-webfont.woff2
nbnews.com.ua/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/font-awesome/font-awesome.min.css?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/font-awesome/font-awesome.min.css?ver=1.0.0
Origin
https://nbnews.com.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
Connection
keep-alive
Accept-Ranges
bytes
ETag
"12d68-5d17bfd8a8b94"
Content-Length
77160
jegicon.woff
nbnews.com.ua/wp-content/themes/jnews/assets/fonts/jegicon/fonts/
7 KB
7 KB
Font
General
Full URL
https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/jegicon/fonts/jegicon.woff
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://nbnews.com.ua/wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0
Origin
https://nbnews.com.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:49 GMT
Last-Modified
Tue, 23 Nov 2021 22:09:08 GMT
Server
nginx/1.18.0
ETag
"1be8-5d17bfd8a8b94"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7144
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 16 Mar 2022 06:04:47 GMT
borel-360x180.jpg
nbnews.com.ua/wp-content/uploads/2022/02/
12 KB
12 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/02/borel-360x180.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
95f8d83fb4f4a65eff675c229830b80b762ac811be1e416875076d51de51384f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Sat, 12 Feb 2022 18:44:05 GMT
Server
nginx/1.18.0
ETag
"6207fff5-3080"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12416
Expires
Thu, 17 Mar 2022 05:16:50 GMT
vezha_vzimku-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
3 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/vezha_vzimku-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
ad1bc545ed23abc9254fe3c686c2ce377f012c8e969a2b35b4f64848a2e5efce

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Tue, 15 Mar 2022 17:52:42 GMT
Server
nginx/1.18.0
ETag
"6230d26a-b0a"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2826
Expires
Thu, 17 Mar 2022 05:16:50 GMT
u-na-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
3 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/u-na-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
b43d0eb69572d21c75da6f33822b27f0870244f7d1b6c4d865a40284c040a3bf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Tue, 15 Mar 2022 17:45:44 GMT
Server
nginx/1.18.0
ETag
"6230d0c8-b91"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2961
Expires
Thu, 17 Mar 2022 05:16:50 GMT
image-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
3 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/image-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
578f49d25490d18b8e9c82fe39da2e2928c142b9a93f0447c5c707e06897416d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Tue, 15 Mar 2022 17:34:45 GMT
Server
nginx/1.18.0
ETag
"6230ce35-b57"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2903
Expires
Thu, 17 Mar 2022 05:16:50 GMT
1200px-mcdonalds_golden_arches-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
2 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/1200px-mcdonalds_golden_arches-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
90e04993f5537b1e3f42b3cefb575312384eb9ec320044b0e3775012047d09cf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Tue, 15 Mar 2022 17:04:08 GMT
Server
nginx/1.18.0
ETag
"6230c708-9ff"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2559
Expires
Thu, 17 Mar 2022 05:16:50 GMT
0a0bf7c0-c318-11eb-8ba2-d303458b553c-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
2 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/0a0bf7c0-c318-11eb-8ba2-d303458b553c-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
72be4e4f728300f0723d1c22dfa697639f9e5adaeacfdb41cfe2dde05c8886bb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Mon, 07 Mar 2022 14:46:15 GMT
Server
nginx/1.18.0
ETag
"62261ab7-8f7"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2295
Expires
Thu, 17 Mar 2022 05:16:50 GMT
photo_2020-04-21_13-15-20-1-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
3 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/photo_2020-04-21_13-15-20-1-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
12d69214c2faedde702417481028c2516e407a8a563f7b4853cfc89fa15e4a7d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Tue, 15 Mar 2022 15:48:22 GMT
Server
nginx/1.18.0
ETag
"6230b546-a92"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2706
Expires
Thu, 17 Mar 2022 05:16:50 GMT
38172ca0-5fcd-11ec-9731-8981b2f7cb67-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/01/
3 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/01/38172ca0-5fcd-11ec-9731-8981b2f7cb67-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e81e4ebce58ffc76eaad5e55dae7b24291f32a40d0089635814c55ea15fc588e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Wed, 12 Jan 2022 17:28:35 GMT
Server
nginx/1.18.0
ETag
"61df0fc3-adc"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2780
Expires
Thu, 17 Mar 2022 05:16:50 GMT
imgonline-com-ua-resize-stnviqoyghj-75x75.jpg
nbnews.com.ua/wp-content/uploads/2022/02/
3 KB
3 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/02/imgonline-com-ua-resize-stnviqoyghj-75x75.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
505ef3bb5fa1e8845c942470307405520f941e20494aac5596210cb6a6aa2107

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Wed, 16 Feb 2022 07:27:03 GMT
Server
nginx/1.18.0
ETag
"620ca747-ab9"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2745
Expires
Thu, 17 Mar 2022 05:16:50 GMT
configs
cdn.gravitec.net/sdk/web/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=63390a2a940b05076f34657e50682643
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/63390a2a940b05076f34657e50682643/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
66a57c0e4f3f8bca9b9ac3bd55990c6d9be88605138533bb6d1b42dfbbdbc63e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
x-correlation-id
54e092935b3446a3405d54830987f465
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
content-encoding
gzip
x-proxy-cache
MISS
collect
stats.g.doubleclick.net/j/
1 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-115457697-2&cid=564873915.1647407810&jid=398848518&gjid=1853473110&_gid=1125547555.1647407810&_u=aGBAgEIhAAAAAE~&z=1559123786
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Mar 2022 05:16:50 GMT
content-type
text/plain
access-control-allow-origin
https://nbnews.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1390477920&t=pageview&_s=1&dl=https%3A%2F%2Fnbnews.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%E2%80%94%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B1%D1%8B%D1%82%D0%B8%D1%8F%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D0%B7%D0%B0%2024%20%D1%87%D0%B0%D1%81%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIh~&jid=398848518&gjid=1853473110&cid=564873915.1647407810&tid=UA-115457697-2&_gid=1125547555.1647407810&cd1=%D0%AE%D1%80%D0%B8%D0%B9%20%D0%9F%D1%83%D1%88%D0%BA%D0%B8%D0%BD&z=732902031
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 12:20:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60978
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/
292 KB
105 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f57837a3d19aea0bc2a9ac32c436e5addbaa54b5c2e1868d98bbb3ce4ab8ab00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107539
x-xss-protection
0
server
cafe
etag
4473742680219200161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 05:16:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/ Frame C723
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 16 Mar 2022 00:33:15 GMT
expires
Wed, 30 Mar 2022 00:33:15 GMT
cache-control
public, max-age=1209600
age
17015
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c.html
cdn.admixer.net/scripts3/44184/ Frame DB5A
738 B
533 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

server
nginx
date
Wed, 16 Mar 2022 05:16:50 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc30
content-encoding
gzip
0967ebea4a2a8854ab82.b.js
cdn.admixer.net/scripts3/44184/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:44 GMT
server
nginx
etag
W/"621a6a18-5d41"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
849bc7976a13501da8fc.b.js
cdn.admixer.net/scripts3/44184/
74 KB
19 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/849bc7976a13501da8fc.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:52 GMT
server
nginx
etag
W/"621a6a20-12993"
vary
Accept-Encoding
x-cached-since
2022-03-03T10:10:48+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 04 Mar 2023 10:10:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/564a6519-2a0d-11e9-9ba0-06dc070e0e6e/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
a3c428b915e2cdaecc9108747e349edc87c4afb2c715267d4d30ad90cafab282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27827
x-xss-protection
0
server
sffe
etag
"1159 / 626 of 1000 / last-modified: 1647382627"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Mar 2022 05:16:50 GMT
prebid6.8.0.js
get.optad360.io/sf/
531 KB
161 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid6.8.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/564a6519-2a0d-11e9-9ba0-06dc070e0e6e/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3fd0bd77b89c9e7157ed89c4d81bfe4fa9cc69e8f4f58243c8d639a13084f3e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 21 Feb 2022 03:33:52 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 13:40:09 GMT
server
AmazonS3
age
1993379
etag
W/"a85e74cc3da05463c070cca455a2a88f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
CNWTn8epVG0Ct6rwslRJVYD9s20ZP2Ovlc3WpPOMDAuD5vF9_4NJRQ==
c30a870d21a9d939e49a93972b7b8c71.js
scripts.cleverwebserver.com/
130 KB
52 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/c30a870d21a9d939e49a93972b7b8c71.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07df072486d38ff74494d37e87a9ae50f779f88df71d41d745cbefe68c01bad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
br
cf-cache-status
HIT
age
1021
x-amz-request-id
C3YYWWK2N73F8210
x-amz-id-2
Uo2aTLeD+G2IbM4wFHyVq7tSi5HrFxd24XdIyTOGiliFQLIvOjH3WwqmoWTzB5bHuSGv4WG5riA=
last-modified
Mon, 28 Feb 2022 17:32:05 GMT
server
cloudflare
etag
W/"19ca76476b4292efa16e83cb30f591a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
SOEH7MBvnyLT0CHyCYzKHluFliKXc86K
cf-ray
6ecb04deaca406b6-LHR
expires
Wed, 16 Mar 2022 05:46:50 GMT
/
id.gravitec.net/ Frame 192F
621 B
615 B
Document
General
Full URL
https://id.gravitec.net/
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/63390a2a940b05076f34657e50682643/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-type
text/html; charset=utf-8
last-modified
Mon, 13 Apr 2020 15:31:02 GMT
etag
W/"5e9485b6-26d"
access-control-allow-origin
*
x-accel-expires
@1904239114
server
CDN77-Turbo
x-77-nzt
AcO1ry/7CKP/uBN9Aw
x-77-nzt-ray
AuZQqVY+7z8
x-cache
HIT
x-age
58528696
x-77-pop
frankfurtDE
x-77-cache
HIT
content-encoding
br
track.min.js
cdn.gravitec.media/
4 KB
2 KB
Script
General
Full URL
https://cdn.gravitec.media/track.min.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/63390a2a940b05076f34657e50682643/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
last-modified
Wed, 27 Nov 2019 14:51:46 GMT
server
nginx/1.18.0
etag
W/"5dde8d82-11d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 14 Jun 2022 05:16:50 GMT
cache-control
max-age=7776000
x-proxy-cache
HIT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220316
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47412e23dff0fefcefb989fa70cf70cdea598d4d97fc079e5447e56b7bb46e61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8154
x-jsd-version
1.0.1282
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19173-FRA, cache-lcy19260-LCY
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"668-Ew/jWrcAQ6y08/b3igidvxwuzkg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ecb04e01fe1757a-LHR
localstore.js
script.4dex.io/
483 B
945 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53780
x-amz-request-id
tx3da6c6797b7f4e449cd50-006230a0ad
x-amz-id-2
tx3da6c6797b7f4e449cd50-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y56FDDRkP95CQpkAC03pStWFXrY101hd3%2FvugC9TEgmhL2Lf%2FJX%2BUcan57LVuLGmDRv4bW7o5QdUBwGWChqSXnDIyINXHae2%2FiRxQ%2FjGD7qXQu191T7m9crNtQnXDaV%2BdoLBWwNh%2F2tJOATs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647354020753810
cf-ray
6ecb04e02b3476f6-LHR
prebid.1.2.aspx
inv-nets.admixer.net/
42 B
503 B
XHR
General
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://nbnews.com.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
v1
prg.smartadserver.com/prebid/
26 KB
7 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e6a4019c20fb6f6a3ee3fbe90440d6c3d1664c3908625a9b5a9629852494d7ed

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://nbnews.com.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
prebid-request
onetag-sys.com/
15 B
360 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://nbnews.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
rtb.adxpremium.services/openrtb2/
462 B
785 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
bdbb567686d4fbcce57083ccf3a24533974c05e6019949c9842b7395f1b46ec6

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:51 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://nbnews.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
462
expires
0
c
prebid.a-mo.net/a/
0
345 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nbnews.com.ua
date
Wed, 16 Mar 2022 05:16:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
0
vary
origin, Accept-Encoding
cygnus
htlb.casalemedia.com/
36 B
328 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=450935&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211f19fde4e3103%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnbnews.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.8.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221244954f2ddd327%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450935%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450935%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%222822271%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bc3aeb1c-6e27-4c4e-a15d-eee3c195b86c%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d71d5e6fbc48ec3618d5f8343ae297db7e205a6f6ddc0c1ec1e4ec5b405ff2e3

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:50 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.41], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://nbnews.com.ua
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
27
expires
Wed, 16 Mar 2022 05:16:50 GMT
bid
ap.lijit.com/rtb/
94 B
740 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.8.0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
4c1ae5b4e149c201b2c7ecead440cef66f6dcc1a6f0f529fdd92525f4be76d24

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nbnews.com.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cdb
bidder.criteo.com/
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.8.0&cb=22084542886
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://nbnews.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
554030331564b4e2b69efedc4b5b65b1c917bf8ca9a2dffb403a2ad00450c96e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:50 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
74e472dd-f0aa-492e-8e77-047c63e1c03f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nbnews.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nbnews.com.ua
date
Wed, 16 Mar 2022 05:16:50 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cookie.js
partner.googleadservices.com/gampad/
217 B
422 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=nbnews.com.ua&callback=_gfp_s_&client=ca-pub-6038107135689365
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
97c4b3c30e2c5666242538a80a47a0f980f5db37d02779c79b7f81d4206b6b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nbnews.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nbnews.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C1E2
162 KB
46 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6038107135689365&output=html&adk=1812271804&adf=3025194257&lmt=1647407810&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fnbnews.com.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647407810104&bpp=3&bdt=810&idt=393&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6990835704908&frm=20&pv=2&ga_vid=564873915.1647407810&ga_sid=1647407811&ga_hid=1390477920&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C21066428%2C44756894&oid=2&pvsid=1556709287448595&pem=42&tmod=1225392222&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=412
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e971b1b848e954821be5078c2b27a62af1f5719df736a8cdd705378efbe741c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Mar 2022 05:16:50 GMT
server
cafe
content-length
47228
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Mar 2022 05:16:50 GMT
cache-control
private
/
ui.cleverwebserver.com/
146 B
182 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede0cf1bad6ee684ce77ebae6b727ee584e3bdf0748c81708e0cdfe9d41bbdea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6ecb04e02db606b6-LHR
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
pubads_impl_2022031001.js
securepubads.g.doubleclick.net/gpt/
362 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
50ef77c247263fdc6e0308a69334a3064176a1f4803e90eb0b45370231044fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125087
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 09:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Mar 2023 17:48:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
115 B
122 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nbnews.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
170a961d8c829cdcc8504f0cf9767452da02db10c04935623c8bff017a1327a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
x-xss-protection
0
expires
Wed, 16 Mar 2022 05:16:50 GMT
track
api.gravitec.media/api/stats/
0
0
Fetch
General
Full URL
https://api.gravitec.media/api/stats/track?app_key=63390a2a940b05076f34657e50682643&user_id=0882cc76-c9e1-49c7-b478-255331c25dd5&utmb=4c65d8d4-6ff5-4897-a57b-22351327cd3a&path=https%3A%2F%2Fnbnews.com.ua%2F&referrer=
Requested by
Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.47.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:50 GMT
x-correlation-id
e34823cf45175e1c5b0cb481ad3318fe
x-content-type-options
nosniff
server
nginx
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
0
x-xss-protection
1 ; mode=block
referrer-policy
no-referrer
expires
0
push-worker.js
nbnews.com.ua/ Frame
0
0

imgonline-com-ua-resize-ka0qdyqh7ygf-750x375.jpg
nbnews.com.ua/wp-content/uploads/2021/12/
34 KB
34 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2021/12/imgonline-com-ua-resize-ka0qdyqh7ygf-750x375.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
4ed70dbda3e01d8ba3526947cc87a16b5028bd8bce0c945c0c1842a33e2ed738

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Sat, 11 Dec 2021 16:20:15 GMT
Server
nginx/1.18.0
ETag
"61b4cfbf-867a"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34426
Expires
Thu, 17 Mar 2022 05:16:50 GMT
imgonline-com-ua-resize-atspz5znaqqifxx-360x180.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
8 KB
8 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/imgonline-com-ua-resize-atspz5znaqqifxx-360x180.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e9b95f90e5c14d79ca913274fe826ff0489951bafce8406cb62b860f1862aa53

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Fri, 11 Mar 2022 14:43:14 GMT
Server
nginx/1.18.0
ETag
"622b6002-1f9d"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8093
Expires
Thu, 17 Mar 2022 05:16:50 GMT
imgonline-com-ua-resize-bxhaowumspp-360x180.jpg
nbnews.com.ua/wp-content/uploads/2022/01/
10 KB
10 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/01/imgonline-com-ua-resize-bxhaowumspp-360x180.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
a3cc09c99a3cb36724150d034bff121ce307c9c238c5e190b56d3a3b457d2fdf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Sun, 30 Jan 2022 09:42:04 GMT
Server
nginx/1.18.0
ETag
"61f65d6c-2758"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10072
Expires
Thu, 17 Mar 2022 05:16:50 GMT
u-na-350x250.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
15 KB
15 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/u-na-350x250.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
1428cd67160173aabd409b618a36bc50cf4fb82304fdd126415f7be7ead5cfdc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Tue, 15 Mar 2022 17:45:43 GMT
Server
nginx/1.18.0
ETag
"6230d0c7-3c92"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15506
Expires
Thu, 17 Mar 2022 05:16:50 GMT
image-350x250.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
18 KB
19 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/image-350x250.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e9d3f520c949ccbc4ecf8394f73fc03d560124a354e71898328a61c23666110f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Tue, 15 Mar 2022 17:34:45 GMT
Server
nginx/1.18.0
ETag
"6230ce35-48c8"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18632
Expires
Thu, 17 Mar 2022 05:16:50 GMT
0a0bf7c0-c318-11eb-8ba2-d303458b553c-350x250.jpg
nbnews.com.ua/wp-content/uploads/2022/03/
12 KB
12 KB
Image
General
Full URL
https://nbnews.com.ua/wp-content/uploads/2022/03/0a0bf7c0-c318-11eb-8ba2-d303458b553c-350x250.jpg
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
3a2936806762a9bbdf9ce051d413962ee4ab49ed68194f4defd969a4bd6ad7b2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:50 GMT
Last-Modified
Mon, 07 Mar 2022 14:46:15 GMT
Server
nginx/1.18.0
ETag
"62261ab7-2fcb"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12235
Expires
Thu, 17 Mar 2022 05:16:50 GMT
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48855
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx2055eab3b3004c5cbbeb8-006230a27a
x-amz-id-2
tx2055eab3b3004c5cbbeb8-006230a27a
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tms1pa62551D3etf7XrwyUr3ej1IJKZH%2FB1I1dRl3DcdAgNloN7dfNlVFS6CMjayl35cSN%2BnaBlTwVAzO20hsfida2zF3rUKm%2FV%2BUJlLfWo6sx1jHhshdKgaRnxi0bR3lNQkCAQOLEfMAclZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ecb04e11c2276c5-LHR
access-control-allow-headers
Authorization
0.bundle.js
cdn.gravitec.net/modules/
9 KB
4 KB
Script
General
Full URL
https://cdn.gravitec.net/modules/0.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/63390a2a940b05076f34657e50682643/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-2550"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:29 GMT
cache-control
max-age=10
x-proxy-cache
HIT
1.bundle.js
cdn.gravitec.net/modules/
32 KB
8 KB
Script
General
Full URL
https://cdn.gravitec.net/modules/1.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/63390a2a940b05076f34657e50682643/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:50 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-8092"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:29 GMT
cache-control
max-age=10
x-proxy-cache
HIT
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220314&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bf228f44d2456242ee12954512d31472aa7d12af0cad78fbebf79fc6213eac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10427
x-xss-protection
0
lato.woff2
cdn.gravitec.net/fonts/
14 KB
14 KB
Font
General
Full URL
https://cdn.gravitec.net/fonts/lato.woff2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer
https://nbnews.com.ua/
Origin
https://nbnews.com.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-36dc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:28 GMT
cache-control
max-age=10
accept-ranges
bytes
content-length
14044
x-proxy-cache
HIT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/
151 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44fde6e344a1d3ec534a6d7861f61e6f2b9e5e9b0a7dfca6b94557ba066d0e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55005
x-xss-protection
0
server
cafe
etag
16185087181674788852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 05:16:51 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nbnews.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nbnews.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sourcesanspro.woff2
cdn.gravitec.net/fonts/
8 KB
8 KB
Font
General
Full URL
https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer
https://nbnews.com.ua/
Origin
https://nbnews.com.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-1e44"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:29 GMT
cache-control
max-age=10
accept-ranges
bytes
content-length
7748
x-proxy-cache
HIT
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1556709287448595&correlator=133732251410149&eid=31064150%2C31065651%2C31061166%2C44756894&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=121764058%3A22575358486%2Cnbnews.com.ua%2Cnbnews.com.ua_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=3&adks=4212730454&sfv=1-0-38&ecs=20220316&fsapi=false&prev_scp=hb_format_smartadser%3Dbanner%26hb_size_smartadserve%3D728x90%26hb_pb_smartadserver%3D0.14%26hb_adid_smartadserve%3D2263e3f5d665e56%26hb_bidder_smartadser%3Dsmartadserver%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.14%26hb_adid%3D2263e3f5d665e56%26hb_bidder%3Dsmartadserver&cust_params=pubcid%3Dbc3aeb1c-6e27-4c4e-a15d-eee3c195b86c&cookie=ID%3Dea780bc5a55fe9b2-22633c615dcd0099%3AT%3D1647407810%3ART%3D1647407810%3AS%3DALNI_MZ18IG5Y69iXVBDf-sq1C1wLxfD8A&abxe=1&dt=1647407811138&lmt=1647407811&dlt=1647407809294&idt=1533&biw=1600&bih=1200&adxs=436&adys=1200&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fnbnews.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=1664&ohw=0&ga_vid=564873915.1647407810&ga_sid=1647407811&ga_hid=1390477920&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f8afd76205c636d6b2bae0d77ae4ddcbcc9d6e86ade452519cbb939220310f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12277
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nbnews.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E5B2
6 KB
4 KB
Document
General
Full URL
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 16 Mar 2022 05:16:51 GMT
expires
Thu, 16 Mar 2023 05:16:51 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/ Frame AC08
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 16 Mar 2022 03:06:09 GMT
expires
Wed, 30 Mar 2022 03:06:09 GMT
cache-control
public, max-age=1209600
age
7842
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6038107135689365&plah=nbnews.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 05:16:51 GMT
1981827874.jpeg
cdn.gravitec.net/images/users/1623373846334668800/
2 KB
3 KB
Image
General
Full URL
https://cdn.gravitec.net/images/users/1623373846334668800/1981827874.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
a7691cb1eefd69253e5c0a6189cc560aadce87ff0429c7e1f57d526a0e426631

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
public
date
Wed, 16 Mar 2022 05:16:51 GMT
last-modified
Tue, 22 Jan 2019 15:14:14 GMT
server
nginx
etag
"5c473346-8ee"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
2286
x-proxy-cache
HIT
css2
fonts.googleapis.com/ Frame AC08
5 KB
691 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c228e4c33b411f01f3b7a571d44342106847fea18082e174333341503e4f0f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 05:13:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 05:16:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 05:16:51 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AC08
205 B
743 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Tue, 15 Mar 2022 21:50:23 GMT
x-content-type-options
nosniff
age
26788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 Mar 2023 21:50:23 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AC08
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Tue, 15 Mar 2022 20:23:17 GMT
x-content-type-options
nosniff
age
32014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 Mar 2023 20:23:17 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/ Frame AC08
19 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bda98b3494dbac9c731cd4d78488076699140bc89d6a2dedae7178794c558e31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 04:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8376
x-xss-protection
0
server
cafe
etag
6168205652129269979
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 04:55:11 GMT
css
fonts.googleapis.com/ Frame B4B2
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdc61b8df6e8af4f24e9acbaf8f4569dd1bf04fb2ae7424430627371478013d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 04:39:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 05:16:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 05:16:51 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame B4B2
2 KB
904 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 04:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 04:53:22 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame B4B2
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 04:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 04:59:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame B4B2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 04:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 04:59:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4B2
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36369
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647258231097430"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 05:16:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame B4B2
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 05:07:28 GMT
7a99daadf072127ada89333d533e295f.js
www.gstatic.com/mysidia/ Frame B4B2
28 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11822
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 23:17:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 22:32:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD2E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 15 Mar 2022 21:37:38 GMT
expires
Wed, 15 Mar 2023 21:37:38 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
27553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame ECB6
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
648ee4f2c0e3b584249821e942f1c8d9973099b411935d8d9e90c12929eb3152
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kCLLRS7zbjfDF+dXYSwobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Mar 2022 05:16:51 GMT
date
Wed, 16 Mar 2022 05:16:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-kCLLRS7zbjfDF+dXYSwobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Mar 2022 05:16:51 GMT
container.html
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D2B
6 KB
3 KB
Document
General
Full URL
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 05:16:51 GMT
expires
Thu, 16 Mar 2023 05:16:51 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
pagead2.googlesyndication.com/bg/ Frame DD2E
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c372950a35c41d865890a2fa4ba31bb5896dc186dbb4ea0cc6522281e5f3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 14 Mar 2022 18:51:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
123921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 18:51:30 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4D2B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CW5Duw3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSWAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ_keGWPLEwmwNUKkReuSDWiE5cfQB5vGJjrakk95JcoKVodcJsJ94AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=mbCAAEkYtQg&uach_m=[UACH]&cid=CAQSPACNIrLMtJAa7icrr9jHyHZCzKyIQjWPyUfiXvcoNs_cC3rS-rUgKvq1DETaPE1yEsIoE0kZRyYMStd5oBgB
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

winResponse
prod-rtb.ad4mat.net/ Frame 4D2B
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g4sdt3gp5yk12sn8yybh6xhr7pahpcr9xr3mf4kk8m6n8atwv9xxxtq46bej63ta0a36wyremkavtyh3cp128696jtwtmby100j848k09ta18rnm75e4cqqnx3z96f1f9gk77qtmjwrxgafmj63x5afv3szz9j21xy6qrrtxpw0rc0wdmfdfzzq49d7kny13sgnpck60c1nartna05x2ntzwnr8kb02d1xm09bj1z8y9ngk4whc6ktexwjbyd8v9zgjy7008ke59xyte0nthgypw7h2kcmk2204h5gvxs2hgv1k6s2x0zv2qjzy0m1k6bbay2wyfqnrym3bdbgxww4335p8497qvs7xk58wb93yjkbh27c68smpnrq5yw2r7gdsvhcpzrs84erkpydn2wk0k0mh6x2yym&b=YjFywwADVRMK3o-LAAND37f4Njs-oSzG-Nlo4w
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Mar 2022 05:16:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3FF2
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1gjhjdfjsjapr33w4zmbm3vq16mzwbwwrv2ezm5hq0nnerybrc0j598mbjesgcawpq1q1qv8avsybxxaydphk5d0mhqfbv7p74z6xfdnq80sy6vaarj5m76dnzs6znw8hmspjpay0k3xh5a2rk4zcsjd8twq3q0ehfxbmbd1xxncpjdh9h30jg8nqhbypnzk18ajtxnwx6hrnvw5nwa89kaxp90rcf6ck03ggw4aghm4n9xkmecf07rjrzr7cqe38bkf4g7qnrarar8n8x28h4p8tma0e1bkdzt690t44d067dvr2qd5w7sf949j95w4hnhqr8536e6y0zdqrej4374fnxyrwgmwcykf5xjx78f9ahk5hnhxxbxqf71705hesfbhp36b5vdnwz2vfbv0jhm4b605cdmy414k4shjetebqtbasgn9tt6fynw8dcwjrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%26client%3Dca-pub-5512390705137507%26adurl%3D
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1611e9c760eabbf6291cebf74d526f1d81d741b1f7503a913044886e0b586d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ecb04e7ae4476d1-LHR
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 4D2B
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 04:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 04:59:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FFB7
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 15 Mar 2022 13:26:12 GMT
expires
Wed, 16 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
57039
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D2B
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36369
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647258231097430"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 05:16:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 4D2B
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 05:07:28 GMT
l
www.google.com/ads/measurement/ Frame 4D2B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQriy_YbVJ_Q_zn1WXwjD1EL_SkPFDbd3n9VbCxVVI2Wc5KM0_gbn5bQayVPB1aWjJoyG377iFVcwzQ5ypOMil75Oskag
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4D2B
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 14 Mar 2022 17:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Mar 2023 17:06:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ECB6
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220314&jk=1556709287448595&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
pagead2.googlesyndication.com/bg/ Frame E1D0
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
Requested by
Host: nbnews.com.ua
URL: https://nbnews.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c372950a35c41d865890a2fa4ba31bb5896dc186dbb4ea0cc6522281e5f3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 14 Mar 2022 18:51:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
123921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 18:51:30 GMT
pixel
cm.g.doubleclick.net/ Frame FFB7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMHA7-fsULf5BGp2GNg2xVI&google_push=AYg5qPLOVI8H2zBAUQJhv279jQ1uRM902krGyCz3TtEQJ3XZNzTTg46WeC...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMHA7-fsULf5BGp2GNg2xVI&google_push=AYg5qPLOVI8H2zBAUQJhv279jQ1uRM902krGyCz3TtEQJ3XZNzTTg46WeCJooVM20ywxRy_1PdMdJmccfMdQzKeh0r8GRH8n6s8
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.214.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s09-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647407812.885406,VS0,VE93
x-served-by
cache-hhn4036-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMHA7-fsULf5BGp2GNg2xVI&google_push=AYg5qPLOVI8H2zBAUQJhv279jQ1uRM902krGyCz3TtEQJ3XZNzTTg46WeCJooVM20ywxRy_1PdMdJmccfMdQzKeh0r8GRH8n6s8
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame FFB7
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOuFsgM3xyYAP0fm0S1dLIU&google_cver=1&google_push=AYg5qPKMXgmvv9mCjDGQ-B_pK6X0J2wIkqHza1H_wubMztqC8jyLhUro4aTkrYQcefO22chOCiITbl0sRbayDpnhfg7pmxGAn9A
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FFB7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENhb-eTjW-Ws8Zg4FJOLVto&google_cver=1&google_push=AYg5qPIOfIRJHGnqlYoxK8n-Yt2Xu74B0pkSAi6sjSEOd4botsxPLSU2cKLtj2lS8X8PMPpu4jvoLkrRIZJTNlMtLXy-H3fimQ
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIOfIRJHGnqlYoxK8n-Yt2Xu74B0pkSAi6sjSEOd4botsxPLSU2cKLtj2lS8X8PMPpu4jvoLkrRIZJTNlMtLXy-H3fimQ&google_hm=NDE1NTg3ODA0NTA1NjI1NTQy...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIOfIRJHGnqlYoxK8n-Yt2Xu74B0pkSAi6sjSEOd4botsxPLSU2cKLtj2lS8X8PMPpu4jvoLkrRIZJTNlMtLXy-H3fimQ&google_hm=NDE1NTg3ODA0NTA1NjI1NTQyOA%3D%3D
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
216.58.214.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s09-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 16 Mar 2022 05:16:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIOfIRJHGnqlYoxK8n-Yt2Xu74B0pkSAi6sjSEOd4botsxPLSU2cKLtj2lS8X8PMPpu4jvoLkrRIZJTNlMtLXy-H3fimQ&google_hm=NDE1NTg3ODA0NTA1NjI1NTQyOA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame FFB7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEG3Q2iCAE44JRSQsEovRLiw&google_cver=1&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCf...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEG3Q2iCAE44JRSQsEovRLiw&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCf...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCfajZKCn6X9ssgg&google_hm=Y2M4TlBHWW54TUxhWGl4YW...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCfajZKCn6X9ssgg&google_hm=Y2M4TlBHWW54TUxhWGl4YWFxMUE=
Protocol
H3
Server
216.58.214.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s09-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:52 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJTYj9rVVBzwUmYNMp217V_uWqWj7N7mmvOyZqeU0Wo3xtwIg6Is2p0vpdLBbIvSPvo7Jht9kTlQmqCfajZKCn6X9ssgg&google_hm=Y2M4TlBHWW54TUxhWGl4YWFxMUE=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
234
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FFB7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD...
0
0

exptsync
ads.yieldmo.com/ Frame FFB7
0
35 B
Image
General
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEFvaiqRENYOWgKKfc9X6rcU&google_cver=1&google_push=AYg5qPIQH3IgKQh-dItkb5ShTcqqGPN4_gNV07h-o-a17wlPvKaaKkGS60HRHOgheiDt8LXTd6CUAjLRDE2r3rBdypzTkECxChY
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.53.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-53-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
pixel
cm.g.doubleclick.net/ Frame FFB7
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDpAFSNCIhpFKxtbkKRqhZc&google_cver=1&google_push=AYg5qPLBaG02WDQmZiNJ0gV2JHk7-A2tCEoikJq_p3i6tfeoIQhDTKqz2OwJbmRoKZq8oWqTG15-M6hGByYF5moeD...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjY1YWQwMDQtYTk4OS00OTNjLWEyZTUtZDQ1MjczMTdhZmEy&google_push=AYg5qPLBaG02WDQmZiNJ0gV2JHk7-A2tCEoikJq_p3i6tfeoIQhDTKqz2OwJbmRo...
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjY1YWQwMDQtYTk4OS00OTNjLWEyZTUtZDQ1MjczMTdhZmEy&google_push=AYg5qPLBaG02WDQmZiNJ0gV2JHk7-A2tCEoikJq_p3i6tfeoIQhDTKqz2OwJbmRoKZq8oWqTG15-M6hGByYF5moeDSiMXTuq2Ghy
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
216.58.214.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s09-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjY1YWQwMDQtYTk4OS00OTNjLWEyZTUtZDQ1MjczMTdhZmEy&google_push=AYg5qPLBaG02WDQmZiNJ0gV2JHk7-A2tCEoikJq_p3i6tfeoIQhDTKqz2OwJbmRoKZq8oWqTG15-M6hGByYF5moeDSiMXTuq2Ghy
date
Wed, 16 Mar 2022 05:16:51 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame FFB7
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ipd4iP3R4ZM6K3jyqbgz4qrnvGr9Jg9fEHuM60SJx2XzLblI5vB1RjI4ZpY0XU4Ja-vx8cew
Requested by
Host: fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
URL: https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s09-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame DD2E
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?R3E_xQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
syncframe
gum.criteo.com/ Frame 9985
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nbnews.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1486
date
Wed, 16 Mar 2022 05:16:51 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Mar 2022 05:16:51 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 3FF2
81 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjhjdfjsjapr33w4zmbm3vq16mzwbwwrv2ezm5hq0nnerybrc0j598mbjesgcawpq1q1qv8avsybxxaydphk5d0mhqfbv7p74z6xfdnq80sy6vaarj5m76dnzs6znw8hmspjpay0k3xh5a2rk4zcsjd8twq3q0ehfxbmbd1xxncpjdh9h30jg8nqhbypnzk18ajtxnwx6hrnvw5nwa89kaxp90rcf6ck03ggw4aghm4n9xkmecf07rjrzr7cqe38bkf4g7qnrarar8n8x28h4p8tma0e1bkdzt690t44d067dvr2qd5w7sf949j95w4hnhqr8536e6y0zdqrej4374fnxyrwgmwcykf5xjx78f9ahk5hnhxxbxqf71705hesfbhp36b5vdnwz2vfbv0jhm4b605cdmy414k4shjetebqtbasgn9tt6fynw8dcwjrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gjhjdfjsjapr33w4zmbm3vq16mzwbwwrv2ezm5hq0nnerybrc0j598mbjesgcawpq1q1qv8avsybxxaydphk5d0mhqfbv7p74z6xfdnq80sy6vaarj5m76dnzs6znw8hmspjpay0k3xh5a2rk4zcsjd8twq3q0ehfxbmbd1xxncpjdh9h30jg8nqhbypnzk18ajtxnwx6hrnvw5nwa89kaxp90rcf6ck03ggw4aghm4n9xkmecf07rjrzr7cqe38bkf4g7qnrarar8n8x28h4p8tma0e1bkdzt690t44d067dvr2qd5w7sf949j95w4hnhqr8536e6y0zdqrej4374fnxyrwgmwcykf5xjx78f9ahk5hnhxxbxqf71705hesfbhp36b5vdnwz2vfbv0jhm4b605cdmy414k4shjetebqtbasgn9tt6fynw8dcwjrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%26client%3Dca-pub-5512390705137507%26adurl%3D
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
564702
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Mar 2022 16:25:09 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ecb04e8be6771fb-LHR
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 3FF2
35 KB
13 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjhjdfjsjapr33w4zmbm3vq16mzwbwwrv2ezm5hq0nnerybrc0j598mbjesgcawpq1q1qv8avsybxxaydphk5d0mhqfbv7p74z6xfdnq80sy6vaarj5m76dnzs6znw8hmspjpay0k3xh5a2rk4zcsjd8twq3q0ehfxbmbd1xxncpjdh9h30jg8nqhbypnzk18ajtxnwx6hrnvw5nwa89kaxp90rcf6ck03ggw4aghm4n9xkmecf07rjrzr7cqe38bkf4g7qnrarar8n8x28h4p8tma0e1bkdzt690t44d067dvr2qd5w7sf949j95w4hnhqr8536e6y0zdqrej4374fnxyrwgmwcykf5xjx78f9ahk5hnhxxbxqf71705hesfbhp36b5vdnwz2vfbv0jhm4b605cdmy414k4shjetebqtbasgn9tt6fynw8dcwjrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=i40RNw==, md5=nlnmslSy2ZaL7/XdQ+Tixw==
date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49666
x-guploader-uploadid
ADPycdsq0QTBfQW27XjM34VSjhVgixg8xkoSJ8AB0XVDcPiwCNLGyIcDjeBVOPi8JW1rPXVi8G5FbNkaa4ynlHXyAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 15:28:50 GMT
server
cloudflare
etag
W/"9e59e6b254b2d9968beff5dd43e4e2c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDORbuXNwQWwveskrUL1neKJl5WsrlZbFUdnc%2BnirNx6aECUz1aSMz1umQwTmPt2d4lzzMtAEO64H8SeZR%2Fwj3VJMrRoaaEsWCE49%2B%2BDy4QNIzvEQbAlGRQKYk%2B9gikApeyqD6c%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647358130172556
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11881
cf-ray
6ecb04e88ed376d1-LHR
expires
Tue, 15 Mar 2022 15:29:05 GMT
truncated
/ Frame 4D2B
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79736d07ba6ed8698591052941e7293798117a0ad17d0cfa6390ef133e004438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3FF2
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Wed, 16 Mar 2022 05:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7937772
x-guploader-uploadid
ADPycdvQu8rzdRrs97enjvGnGemL_nNn_z_RSZB83DHfe2cfB-xpEUBD4BQhQyZG4qi6ZI9TUspp2S0YgzaqlNWuYIyIg2GVkA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUlpZ15lFaahkkcQPfu8HQ9b5kmdyrp%2F9DvgcFXt4T8kg5jPiDKcxAQ%2BRFCQeBpw2rxMVd4WMbW94UuMyqbTr7FL6%2FZD6b44iD2F9SRHo%2FXQgNtdgNH2q5Z%2BO4iJcVMwAxMtySLNR1UUO7Fx7XjS4nBs"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6ecb04e9dc6171a8-LHR
expires
Wed, 14 Dec 2022 08:20:40 GMT
sid
mug.criteo.com/ Frame 9985
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nbnews.com.ua&sn=ChromeSyncframe&so=0&topUrl=nbnews.com.ua&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=rTkdTXxFVzJwQmJMWlU0aTV3d1FhNmJJTmhwZG1HZGRQM0R5R2dVK2tmK011bjJSTjJHMzFueHhMdU9oNDMwQzQxZUVUNGxEOVZPaGJ4WkUwRnFwU05hQWZxNTArZXhiemtMbWZ0YU5xK2QyQWx1RUw2bXd4NklJL29JMz...
441 B
638 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=rTkdTXxFVzJwQmJMWlU0aTV3d1FhNmJJTmhwZG1HZGRQM0R5R2dVK2tmK011bjJSTjJHMzFueHhMdU9oNDMwQzQxZUVUNGxEOVZPaGJ4WkUwRnFwU05hQWZxNTArZXhiemtMbWZ0YU5xK2QyQWx1RUw2bXd4NklJL29JMzVTeVMzSVppZVcwclVnSWVkaVhMWW05enJNZGQ2Uldwb0RSUFZ6ZUJOZzFudCs0cTlYSUdEaFpQM3YvZDJMSHRwdEV3clZCUGw4R0pIZEk0eEtkNzR3WE5OOWtBM2phTlg3RXFyZUJzNkFoZUhVRlNtaUJZUnU2KytDVERXWGRNWXdkR25PNUFjd3YyT1dJTHVGL2djaS9oTUdzQ29Jdz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
83339ddea3a74766ccc52afdb0e672a3440ba11ea210e40e1b8e62f50337db82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4603
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:51 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=rTkdTXxFVzJwQmJMWlU0aTV3d1FhNmJJTmhwZG1HZGRQM0R5R2dVK2tmK011bjJSTjJHMzFueHhMdU9oNDMwQzQxZUVUNGxEOVZPaGJ4WkUwRnFwU05hQWZxNTArZXhiemtMbWZ0YU5xK2QyQWx1RUw2bXd4NklJL29JMzVTeVMzSVppZVcwclVnSWVkaVhMWW05enJNZGQ2Uldwb0RSUFZ6ZUJOZzFudCs0cTlYSUdEaFpQM3YvZDJMSHRwdEV3clZCUGw4R0pIZEk0eEtkNzR3WE5OOWtBM2phTlg3RXFyZUJzNkFoZUhVRlNtaUJZUnU2KytDVERXWGRNWXdkR25PNUFjd3YyT1dJTHVGL2djaS9oTUdzQ29Jdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1557
content-length
541
expires
0
frame.html
ad4m.at/ Frame 93EF
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Wed, 16 Mar 2022 05:16:52 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdtPTOxIy8eph3J0dOlqncYRYvyHE33xMwmzBvRZSIV8hC_HVa0oDeW2ie_7JQOxjXeYtyDcUJJOBx1kA_9lxbDZ3mo7yQ
expires
Wed, 16 Mar 2022 06:16:52 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
1459872
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gwj2x6HJt1ugMaAqb%2F5quc7i5cR1SrdURcQriSBAXRz3%2FNrFXNQ9BRkh0AgB5hebeDd6c5vu3gOAkKKiZfjwJn6PXI91dvPmC51ftBJ0YwXZ7ovht5%2FUagEihrm5qnh4cOX%2Bl80%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ecb04e94ec571fb-LHR
content-encoding
br
rs
ad4m.at/ Frame 3FF2
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e889dc56c68944256f7204840c0f1aac819962a5e5cdd289cea254e29aa355

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6ecb04ea8a7075cb-LHR
date
Wed, 16 Mar 2022 05:16:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1afvSf3WPboc%2BuBVFHnjO9uHbpsTysXGy6wHbZ%2FPpug7IzlXAI01QfT%2BPT5OOBEIz8y9WuUnFf9I3wlK1ajTN9%2BokG1ONe5ytc%2FgWzEvr0vllVurT5lcayjsE3N4upQ2JQYNvxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-lw8q
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Mar 2022 05:16:52 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-lw8q
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZEbF%2BoZcjBOvX97m8jtX8BZNwms7NwwqFafxzMi%2Ff5ZBra5vN3hiuauQ7dsxXCmMJqJU4Hv7zZifb%2BU%2BeOUNtNB2gftsI%2BxXU8Yz72BhE3kIcVVMOUuvizw6ctxbhRKlo2s3mo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ecb04ea1a1f75cb-LHR
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220314&jk=1556709287448595&bg=!3t2l3ZnNAAZgliNcYJY7ACkAdvg8WuJuK5S-W3Wyp07E896u-mhYfjqB3RlThLdiEoiyPKfI4n1huwIAAACvUgAAAANoAQeZApErLrd9aOWBox-eqQCpX3eboCc7H2yXPmuLyg9Ibacfz_q3H55Qm0LT6ew504pZnNnVlIvRb-LQPbifSZNdnkmj9HO28tipuuVFmnOz55fhYUPCwSn6iFLFCaafbAifI12UISQ9mG9s-StXN9wQpoMeNnRIZ3RzHa8PFoudUCNsh4HAD25_S8mmRCikppMDSgP2DqmEBQkk3ysipMezUj55JTheBdK-JMiYxWJnjcMsinlUSqAjOkOzTcYtzrHrKee1Iv_zZFrJKDW7tAi9g9QjjIUpcLz4HWTgnWcXsF6Tq4yw1BMVWbULvMhT5CPfqaaeqFrGsNSM_w-ldGerqsbptRyzkkLSEJ0rQRTdIBFeK40wxq09hguuNMsEYCfPFMMV9nB2Y6H0l4j0oMGRbkZtmWTPL1KIZ5wT8gkilm0dnLLXKX-zdrigOE-2HE2A0pPt7E4Ht3_upuvqnihbjapbtBFh6dAVNCY13M8ucUULrQ-3gk_vaX7j2-PoRDQHmv6YrL8eGCOMcTecj1xynu1D62Z3KT6S1BKOACI6w4YfCucmBR_WqfuX1zM_m8gmN1yH-QJz_biaIxqvOTcl_-ItNJBnfKHHRnQVOw7g0Kar3rM2WV7Wi6gl3toA0nvYd6d7ijx_nIPvCtrHFojlZs27puJFm-iw7kzjYvV9PmCye6DRQNO3HoRXwpdoRzEFcN3DI5kdA94pQ5aho9Y2MKu2X51Ot3eZwLNfDJgf9Z0pqxIYZLezaGpNXukVbL6gQ9O087t3zqyQZ1jPF8UiGUqYH22QobWNiYi6DhISZy55DzQZ86OPWGWRnoyycupR1s_CGT5fylMGPWX2HkAf2KUr_bxhu7DTg0Wr_jhfj3ngoQs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 8422
7 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88c9ebb16484a2ffea36aa30c948c61342e1f8eff2f7b092e9aff3e366c24bd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gjhjdfjsjapr33w4zmbm3vq16mzwbwwrv2ezm5hq0nnerybrc0j598mbjesgcawpq1q1qv8avsybxxaydphk5d0mhqfbv7p74z6xfdnq80sy6vaarj5m76dnzs6znw8hmspjpay0k3xh5a2rk4zcsjd8twq3q0ehfxbmbd1xxncpjdh9h30jg8nqhbypnzk18ajtxnwx6hrnvw5nwa89kaxp90rcf6ck03ggw4aghm4n9xkmecf07rjrzr7cqe38bkf4g7qnrarar8n8x28h4p8tma0e1bkdzt690t44d067dvr2qd5w7sf949j95w4hnhqr8536e6y0zdqrej4374fnxyrwgmwcykf5xjx78f9ahk5hnhxxbxqf71705hesfbhp36b5vdnwz2vfbv0jhm4b605cdmy414k4shjetebqtbasgn9tt6fynw8dcwjrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%26client%3Dca-pub-5512390705137507%26adurl%3D

Response headers

date
Wed, 16 Mar 2022 05:16:52 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ecb04eaffe271fb-LHR
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 8422
81 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
564703
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Mar 2022 16:25:09 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ecb04eb883f71fb-LHR
cf-bgj
minify
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 8422
15 KB
15 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date
Wed, 16 Mar 2022 05:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110975
cf-polished
origFmt=png, origSize=26777
x-guploader-uploadid
ADPycdv6mkK-RMqF2yzYJXFODI9Q5b3cRORSsm66vtQEoJp5ZwRCtDuV6ZfD8_jgVXuYgmdMPz7Jg42G00FzKmsdBlJgAPaNfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNmHwu1O8LCL8PSpItH7XqASxLx7gbJQIrzC1t3gkaDxtJjycilnen7FThm%2BxLRfQ3OVM4ZGgD82tGC2iTYv1jr%2BBwgoAPuOitQYhufep1F0i65gqoPbrzPSzc5hgzhZTpqpPLUbKelSsPjh"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594113640078278
content-type
image/webp
expires
Thu, 17 Mar 2022 05:16:52 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
26777
accept-ranges
bytes
cf-ray
6ecb04eb986776d1-LHR
cf-bgj
imgq:85,h2pri
CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 8422
382 KB
383 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date
Wed, 16 Mar 2022 05:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
953399
cf-polished
origFmt=png, origSize=588465
x-guploader-uploadid
ADPycdtOhQNIopoqK9XuJHYUN34FShRTEY82opriXtZHFRsvv9Ut_806WZ5W3OV39928EYvrXhI4UMUp_9UF1klb3dA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391402
last-modified
Fri, 22 Oct 2021 09:31:50 GMT
server
cloudflare
etag
"6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDIuKY2E1ewVXa4IYZteUv2NMFt4h0SIkOofEQYMDWw3Dl3NLy9Z1LBzgwY2kCEaJb%2FhOAw4%2Fqsh7PQ%2Brs26kuoNejymh9Qaf%2BsJawumaoAQLgyte5GbJxJmBggbd3s1ypJxO8VurZRGsjHn"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634895110632642
content-type
image/webp
expires
Thu, 17 Mar 2022 05:16:52 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
588465
accept-ranges
bytes
cf-ray
6ecb04eb986d76d1-LHR
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 8422
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidP5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746oneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_P...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidP5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746oneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_N...
0
629 B
Image
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidP5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746oneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H2
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:45 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 16 Mar 2022 06:16:46 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 16 Mar 2022 05:16:52 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
52C78229:AABC_91EFC182:01BB_623172C4_D8AF066:F723
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidP5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746oneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 8422
18 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Wed, 16 Mar 2022 05:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110947
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdv6B20NNsXNmsw4xi3jj2egIxkOMNiCQtjNvmky51iR8hjQ8wV-N3T4vYd02LaMvQKHINM_di_UJWxAykKCS6c
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sPFHGA3bebNU%2FM3CiDc21d8Mhr%2F4UMo%2FNcJfSpKBAWImjkhCaK7%2FEkSAA5b0CemXZPl8L32zYrIV7OAVjhS2y4SQhsKgybnUktZSg3DYIAXQMVO%2FoPvW9PPcnhyX9eE%2BkF7Z0EYbmQicEjC"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Thu, 17 Mar 2022 05:16:52 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6ecb04eb986876d1-LHR
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 8422
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date
Wed, 16 Mar 2022 05:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116694
cf-polished
qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid
ADPycdvbJ9fIc52oet8W54EE-3qOj5FK9LwK_3iOY0OdVPPS13AeOLzcPj4vNwwG5evQWllGG95Ugm1uwDpzV3LutHTHO-a0xw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IW1f4Jo6OotmeFCBGtCabSgNeP7dir3IHRs%2FJ8nm16cD9TZeUxOntVP2YuI2CHFXrTvoP%2FTyMnkMcLbxDan%2BiaCfxQBDIZ1iWgFD8rtqYMvHdtLh2HQzOIrZcDp0%2FcdHhu3UaWJ7gC5hK4Jb"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1638198195167024
content-type
image/webp
expires
Thu, 17 Mar 2022 05:16:52 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
83479
accept-ranges
bytes
cf-ray
6ecb04eb986976d1-LHR
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 8422
43 B
705 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wGoneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:52 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 8422
38 KB
38 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Wed, 16 Mar 2022 05:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110566
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdt6m8VmIDv7PpkQgGqV0z3KjdtNY5CoWD7QJKkh87-j5ExcVq22jAUJbY9M28abohXks7sBMqoa5IbggT4gm4vCBND9AQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68YWJscBB%2Feb%2FhDC%2B%2FgbgzP5P2a6DaNSMl1T%2BfzwZWlMp2FZf9yc%2BHsm5AfJKgVovAXMWAi%2FK%2FQ6W%2BzeI%2B20xfpBwkPvTEc%2BzQmeWbFRFwqfT8DSpxsGCRYxqVwenuwusrM74m4xBoDJ6Xrk"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Thu, 17 Mar 2022 05:16:52 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6ecb04eb986a76d1-LHR
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 8422
84 KB
84 KB
Image
General
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Wed, 16 Mar 2022 05:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1965332
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdusqPbP08HyPZglqU1h0LHxxLxaVZ4eSQ8L-HDrMWBqwdmIeQPfXvT95EjfDxTUqj_zV7nOd1YGq057l8mBykc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHE%2F9OsTdbTKuGim2BWdaiPZlBDTbJAsVPeiYCdimsri6k5R3gxIvwFFKDJzd6ayBTruYtR%2BPbfQKXafwNvEIaI%2BXLvGSd5Hw9mQcgD3y15BuIBNFokNSnhXwU2oOaIEXP%2B96Z4bFIO7Hvln"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Thu, 17 Mar 2022 05:16:52 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6ecb04eb986b76d1-LHR
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 8422
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gme8vv8s24jf89jyp2nmfm1v35rwz4ahtb6wfz01qhw36qh4az8jgvaszbmsnwk2cg5gbghp36dwy9rawjbfawbwz3a15672wcnrk56x7syawb95qysn02fjys6btvrab7zkmq9w4zyey9jqym84wt57mrd904f70habe1jmefe4s0sjyx0b3fzhg5sgy2dfmmmmtgp0hcpjrcvnqcanbwx5jhvgg103px3gkn7w3pnc73a30rqbrsbg23cj51drxcwqr88rnwpxn0q43qj31nsn4q0hha6x5yqex8ckrzxpkbk8j0ejr7h%26a%3D&clickref=oneidp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ewoneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&viewref=oneid5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqxoneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
145e9276794f76c0cd79ef451ee712010eaf617092e19372f61f1edc318538b4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:52 GMT
Last-Modified
Wed, 16 Mar 2022 05:16:52 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1476
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 8422
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gme8vv8s24jf89jyp2nmfm1v35rwz4ahtb6wfz01qhw36qh4az8jgvaszbmsnwk2cg5gbghp36dwy9rawjbfawbwz3a15672wcnrk56x7syawb95qysn02fjys6btvrab7zkmq9w4zyey9jqym84wt57mrd904f70habe1jmefe4s0sjyx0b3fzhg5sgy2dfmmmmtgp0hcpjrcvnqcanbwx5jhvgg103px3gkn7w3pnc73a30rqbrsbg23cj51drxcwqr88rnwpxn0q43qj31nsn4q0hha6x5yqex8ckrzxpkbk8j0ejr7h%26a%3D&clickref=oneidp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ewoneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&viewref=oneid5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqxoneid__asuidzGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyIasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
1426
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 16 Mar 2022 04:53:06 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
FPe98oDfEuDMkqaydf6idTXQGyCl8PVkd_LXzKEK2OgzWNancn01uw==
link.html
track.webgains.com/ Frame 8422
85 KB
85 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqxoneid__asuid0Y704fJ-wo4IMSMKAWF1RwP3YmuQuwjLasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=P5XaBfbfDE2T7CjHbtMtK7xCJS9TP6dU746%2Cz6KsRfYf92BTeCBHMtqtjkECVSwTgPVc8wG%2C5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqx&f=bAzTQfZfeDWS7CbHzt8C1d8fbSJT5BpcgdK%2C83ghDf8fZBGHkCJHEtqCXjRUGSwT8Azhp5b%2Cp45T1fgfj9WfKC4HmtJCQ7Yh9SRTEDBc5ew&c=728&d=90&e=zGCAqrwZWqa5nW0L8HPdGGyfoBJ3ikyI&g=0ec814be9e5f19eb146332153c6157c6%2F18136943071285322084&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_Mweb_PRIVATKREDIT&r=1647407812264&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0rnsmjne7p8hwm5vpngc7jaaezyyr0w0m09tqpe79dtjxza6gqv3nfa55y0q3zkfx72k17epp4fqdqr8fv5s9fxqt66yjamfc2jfqdgt9x54hsy7qs77wt441h9qvp1yjatyamrsqvar4ybmtvg0tt0g8fcdg23vnaxpvxh69pyhs1z4p7rjkmkcer308eh4wbqvqvca6dccv29r8zrm838jtyqv05rqxc6h5a1ebdfhk9wvsp0sanpy1kgry29cswfn9pvd2h92mb0etkd03m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgPk3w3IxYpOqDYuf-gbfh43wD437rPZh6L29tpYHwI23ARABIABglQKCARdjYS1wdWItNTUxMjM5MDcwNTEzNzUwN6ABwq7o3QPIAQmpAs-oIhDpZbI-4AIAqAMBqgSZAk_Q7jiSl-knGtNImnbjtEMpgzYeU3SPU6mtZy9MudALkGK_avKmhepsx8tirFoGPrXGIN1nBH3sbZekWsTi1y5By0dFVBsyy52lJ7YwC4zl7A6xugdrzqSPys5TVJe9OwWlL2gheQVdZbj3MsSmN1NWST0PLWxEYdq7l1_47dxuMts-XxhCoupsnXU5xbI2Q9DMMrUoTOSGqMhIKamr0c14E80dpnE7A3-7mzlvsC8z_hdNWzJWGvTqPE7t8nSpEhlbFdP_b_BpawgUgbIgpgOKWwGO7EE4s-8X5Ymd3_OTHUnFbykyEuFSZpDcRINJJ7scOPEc6o7w_cXk2UWumu7A_s19DbXe87Bsrtj1zNsmTlKAuYK1yPIc4AQBgAbtq870veXwh4cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ3MTMwOTY1MDI3MDA4NjT6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3Gpi7mKTDHz2gU2qHhOnAvNun9LA%252526client%25253Dca-pub-5512390705137507%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:52 GMT
Last-Modified
Wed, 16 Mar 2022 05:16:52 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D2B
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWxgn6AfYWGNZoK9M8Vuewfe9-PXa7nOnIvYPtFIRua0g3-TK29D0Ke8H6__3B1RIdGN2zEvhX8iZPoimaqBW3EQ&sig=Cg0ArKJSzKI8K4s7gDDtEAE&cid=CAASF-RoTQqa9TL78mx5uk1BhSOG6KMbLfg7&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4212730454&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647407811504&rpt=365&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nbnews.com.ua
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 16 Mar 2022 05:16:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nbnews.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
optad360.js
serving.stat-rock.com/player/
310 KB
98 KB
Script
General
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/564a6519-2a0d-11e9-9ba0-06dc070e0e6e/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:53 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 09:47:13 GMT
server
nginx
etag
W/"61f118a1-4d83b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
openrtb
adx.adform.net/adx/
0
407 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://nbnews.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
27d021d7b4f7adcb5af5f86b29b346a354ab3a84b0c99daf4a12b26c226cb48d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:53 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
32e35a7f-6051-4aa9-9a73-2c052b8448df
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nbnews.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tracking-event
api.webgains.io/ Frame 8422
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Mar 2022 05:16:54 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Mar 2022 05:16:53 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnbnews.com.ua%2F&domain=nbnews.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://nbnews.com.ua
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://nbnews.com.ua
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1159
date
Wed, 16 Mar 2022 05:16:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnbnews.com.ua%2F&domain=nbnews.com.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=JMZF63w2QnowTkV2QVVYSHBHMDVya1ltVlpqYTFRcGFaRk5ieEk0d3RwcjhCZk0rbkc1L1hnNVlrRmNnWWlTUTV3eUVZL2FqdEdDamZDNzcrZHgyTmx2T0lDNnRvajI3OUpRdnhuK2ZuS3JkL09SVTNQS0RmVTkvL3ZsaX...
427 B
662 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=JMZF63w2QnowTkV2QVVYSHBHMDVya1ltVlpqYTFRcGFaRk5ieEk0d3RwcjhCZk0rbkc1L1hnNVlrRmNnWWlTUTV3eUVZL2FqdEdDamZDNzcrZHgyTmx2T0lDNnRvajI3OUpRdnhuK2ZuS3JkL09SVTNQS0RmVTkvL3ZsaXZScHJWUDBucmpxQmFFREQwV05xYkJqTTIzYkRXSFpPZXhRQXVWSGhiN0JxWEF0c0tyZ0QwMlZ5L0JGOTdlZzNsNGUrcG53SnhRTFZoNGZrMWRGWE9sbFQ0d29MVTZxdzJsZlV5SFV0SHZBRFUwYlNmQnBuMWprb1UrdXlGRTMyVVBLZmdnVEprdGtMazk5NjRYWC9CWDdxYk5aNXkzZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7e804b143f8e7b0e203daaac1db97c48d7268640a339150b8bb4673f9f77f75f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:54 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3036
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:53 GMT
location
https://mug.criteo.com/sid?cpp=JMZF63w2QnowTkV2QVVYSHBHMDVya1ltVlpqYTFRcGFaRk5ieEk0d3RwcjhCZk0rbkc1L1hnNVlrRmNnWWlTUTV3eUVZL2FqdEdDamZDNzcrZHgyTmx2T0lDNnRvajI3OUpRdnhuK2ZuS3JkL09SVTNQS0RmVTkvL3ZsaXZScHJWUDBucmpxQmFFREQwV05xYkJqTTIzYkRXSFpPZXhRQXVWSGhiN0JxWEF0c0tyZ0QwMlZ5L0JGOTdlZzNsNGUrcG53SnhRTFZoNGZrMWRGWE9sbFQ0d29MVTZxdzJsZlV5SFV0SHZBRFUwYlNmQnBuMWprb1UrdXlGRTMyVVBLZmdnVEprdGtMazk5NjRYWC9CWDdxYk5aNXkzZz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nbnews.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1981
content-length
541
expires
0
rid
match.adsrvr.org/track/
109 B
541 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e2eb67a6ecf5f823a5621f4f17dec7cbd82264098311536b7498d81d86699c75

Request headers

Referer
https://nbnews.com.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Mar 2022 05:16:54 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nbnews.com.ua
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 15 Apr 2022 05:16:54 GMT
/
onetag-sys.com/usync/ Frame D4D5
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1647407810684&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame D82D
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Wed, 16 Mar 2022 05:16:54 GMT
Content-Length
1388
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4BD0
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 16 Mar 2022 05:16:54 GMT
Age
85489
X-Served-By
cache-lga21939-LGA, cache-hhn4023-HHN
X-Cache
HIT, HIT
X-Cache-Hits
169779, 1228518
X-Timer
S1647407814.283124,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 91E7
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 16 Mar 2022 05:16:54 GMT
Age
85489
X-Served-By
cache-lga21939-LGA, cache-hhn4036-HHN
X-Cache
HIT, HIT
X-Cache-Hits
169779, 1211601
X-Timer
S1647407814.282064,VS0,VE0
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 392B
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13408698
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/

Response headers

Date
Wed, 16 Mar 2022 05:16:54 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod
ad_ap1ams1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fJmcA450kmO0&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
424 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fJmcA450kmO0&ev=1&pid=560288&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:54 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fJmcA450kmO0&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-lk6nr
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7075562684309174417&gdpr=0&gdpr_consent=
43 B
667 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7075562684309174417&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:53 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7075562684309174417&gdpr=0&gdpr_consent=
Date
Wed, 16 Mar 2022 05:16:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
711890.gif
id.rlcdn.com/
0
0
Image
General
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=9bfada24aa&gdpr=0&gdpr_consent=
43 B
439 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=9bfada24aa&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:53 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 16 Mar 2022 05:16:54 GMT
Referrer-Policy
origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=9bfada24aa&gdpr=0&gdpr_consent=
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Connection
keep-alive
X-Content-Type-Options
nosniff
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=fac4c61e-8efd-4abd-97a4-5a11ddd7caa0&gdpr=1&gdpr_consent=
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=fac4c61e-8efd-4abd-97a4-5a11ddd7caa0&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:54 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=fac4c61e-8efd-4abd-97a4-5a11ddd7caa0&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
299
truncated
/
630 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/svg+xml
/
nbnews.com.ua/
289 KB
46 KB
XHR
General
Full URL
https://nbnews.com.ua/
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.1.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.1.243.136.clients.your-server.de
Software
nginx/1.18.0 / PHP/7.4.28
Resource Hash
3528fe239f114a89058779abe7a4de6048b63c66bb89d5b848eb0efb69656c89

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nbnews.com.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:54 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
X-Powered-By
PHP/7.4.28
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Link
<https://nbnews.com.ua/wp-json/>; rel="https://api.w.org/", <https://nbnews.com.ua/wp-json/wp/v2/pages/378292>; rel="alternate"; type="application/json", <https://nbnews.com.ua/>; rel=shortlink
1
serving.stat-rock.com/v1/log/js/
35 B
167 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1647407814216.9355&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fnbnews.com.ua%2F&t=401&v=102.1&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.46334145135239835
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://nbnews.com.ua/
Origin
https://nbnews.com.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
https://nbnews.com.ua
date
Wed, 16 Mar 2022 05:16:54 GMT
srvf
144.76.128.227
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/
35 B
166 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1647407814216.9355&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fnbnews.com.ua%2F&t=409&v=102.1&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.17155004875844582
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://nbnews.com.ua/
Origin
https://nbnews.com.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
https://nbnews.com.ua
date
Wed, 16 Mar 2022 05:16:54 GMT
srvf
144.76.128.227
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 91E7
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:54 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
afab23b1-aa0e-4701-8869-d1004fcba777
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4BD0
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:54 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1589950b-7db7-4c63-9ae5-3d7917a0d2b3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=JMZF63w2QnowTkV2QVVYSHBHMDVya1ltVlpqYTFRcGFaRk5ieEk0d3RwcjhCZk0rbkc1L1hnNVlrRmNnWWlTUTV3eUVZL2FqdEdDamZDNzcrZHgyTmx2T0lDNnRvajI3OUpRdnhuK2ZuS3JkL09SVTNQS0RmVTkvL3ZsaXZScHJWUDBucmpxQmFFREQwV05xYkJqTTIzYkRXSFpPZXhRQXVWSGhiN0JxWEF0c0tyZ0QwMlZ5L0JGOTdlZzNsNGUrcG53SnhRTFZoNGZrMWRGWE9sbFQ0d29MVTZxdzJsZlV5SFV0SHZBRFUwYlNmQnBuMWprb1UrdXlGRTMyVVBLZmdnVEprdGtMazk5NjRYWC9CWDdxYk5aNXkzZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
939
date
Wed, 16 Mar 2022 05:16:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 7EAE
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b1cb75fc018a41150568ef1e3ee4e79e1a90d690a262f9a1c0297c9df3c3d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|39|241|8|73|111|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 16 Mar 2022 05:16:54 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:54 GMT
Content-Length
1552
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 7EAE
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.214.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s09-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7EAE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjFywwCwPvVY2M7NjdbxTwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAus1qhm3CoIH5OjLMZIDNA&google_cver=1&gdpr=1
43 B
1000 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAus1qhm3CoIH5OjLMZIDNA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Mar 2022 05:16:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAus1qhm3CoIH5OjLMZIDNA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7EAE
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 7EAE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8XW6HP6FE372K4SWJF1R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R0P0KRVJDEAYSV8PXXHT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7EAE
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5c1069fd-5149-41e2-a380-a442c74c4f7d&expiration=1678943814
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5c1069fd-5149-41e2-a380-a442c74c4f7d&expiration=1678943814
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Mar 2022 05:16:54 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5c1069fd-5149-41e2-a380-a442c74c4f7d&expiration=1678943814
date
Wed, 16 Mar 2022 05:16:54 GMT
server
Kestrel
content-length
0
YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7EAE
43 B
995 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:303:72df:41ad:5925 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:16:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
match
c1.adform.net/serving/cookie/ Frame 7EAE
0
331 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 05:16:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 7EAE
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3caf8e2e-7f7e-4c82-b17c-1ca627d26414
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3caf8e2e-7f7e-4c82-b17c-1ca627d26414
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Mar 2022 05:16:55 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:55 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3caf8e2e-7f7e-4c82-b17c-1ca627d26414
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7EAE
43 B
424 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YjFywwCwPvVY2M7NjdbxTwAA%26697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnbnews.com.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:16:54 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=785
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Mar 2022 05:29:59 GMT
/
nbnews.com.ua/
0
0

1
serving.stat-rock.com/v1/log/js/
35 B
166 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1647407814216.9355&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fnbnews.com.ua%2F&t=1227&v=102.1&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9465610221186165
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://nbnews.com.ua/
Origin
https://nbnews.com.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
https://nbnews.com.ua
date
Wed, 16 Mar 2022 05:16:55 GMT
srvf
144.76.128.227
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 91E7
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:55 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ad5fd6b5-8aee-42a6-8a35-eefcb7084420
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4BD0
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 05:16:55 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
71e55b53-b16e-4947-ae46-71da1ca96859
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nbnews.com.ua
URL
https://nbnews.com.ua/push-worker.js?version=6&appKey=63390a2a940b05076f34657e50682643&track_inactive=true
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg
Domain
nbnews.com.ua
URL
https://nbnews.com.ua/

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| structuredClone object| oncontextlost object| oncontextrestored string| jnews_ajax_url function| _0x1c3966 function| _0x160e function| _0x34ee object| jnews object| jnewsDataStorage object| _wpemojiSettings undefined| $ function| jQuery object| gadwpUAEventsData undefined| gadwpRedirectLink boolean| gadwpRedirectCalled boolean| gadwpDefaultPrevented function| gadwpRedirect function| gadwp_send_event function| nxsPostToFav string| GoogleAnalyticsObject function| ga function| adriver object| admixerML object| side_feed object| jnews_module_378292_0_623172c0aed85 object| jnews_module_378292_1_623172c0b3977 object| jnews_module_378292_2_623172c0bd93a object| jnews_module_378292_3_623172c0cdd45 object| jnews_module_378292_4_623172c0e082d object| jnews_module_378292_5_623172c0e76a0 object| jnews_module_378292_6_623172c0e8340 object| jnews_module_378292_7_623172c106489 object| jnews_module_378292_8_623172c1087eb object| jnews_module_378292_9_623172c10dda9 object| jnews_module_378292_10_623172c10fdf2 object| jnews_module_378292_11_623172c11a0f2 object| jnews_module_378292_12_623172c11ea9c object| jnews_module_378292_13_623172c121cbe object| jnews_module_378292_14_623172c126ddb object| jnews_module_378292_15_623172c12d85b object| jfla object| addComment function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| lazySizesConfig object| lazySizes object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Waypoint object| gravitecWebpackJsonp number| _subscriptionStrategy object| AdSlotCollection object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad string| google_user_agent_client_hint object| html5 object| Modernizr object| jnewsoption function| adriver_dispatcher boolean| __isGoogleAllowed object| pbjs325474 function| tns object| GravitecConfig object| Gravitec object| WLPush string| grvTatooineHost string| waypointContextKey function| onYouTubeIframeAPIReady object| GravitecNetNewsConfig object| twemoji object| wp object| hb_dmx_res function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| CleverCore boolean| CleverCoreLoaded object| GravitecNews object| sas object| apntag object| _ADAGIO object| litHtmlVersions object| google_llp number| google_lpabyc object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests function| AdPlayerPro object| DMVAST function| playerPro

48 Cookies

Domain/Path Name / Value
.nbnews.com.ua/ Name: _ga
Value: GA1.3.564873915.1647407810
.nbnews.com.ua/ Name: _gid
Value: GA1.3.1125547555.1647407810
.nbnews.com.ua/ Name: _gat
Value: 1
nbnews.com.ua/ Name:
Value: store.test
nbnews.com.ua/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.nbnews.com.ua/ Name: _sharedID
Value: bc3aeb1c-6e27-4c4e-a15d-eee3c195b86c
nbnews.com.ua/ Name: GN_USER_ID_KEY
Value: 0882cc76-c9e1-49c7-b478-255331c25dd5
nbnews.com.ua/ Name: GN_SESSION_ID_KEY
Value: 4c65d8d4-6ff5-4897-a57b-22351327cd3a
.admixer.net/ Name: am-uid
Value: 6217ac5216034019af6cd0aca50bc23c
.adnxs.com/ Name: uuid2
Value: 1525863146067061543
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: d4e54e02769645d804d4419c
.smartadserver.com/ Name: pbw
Value: %24b%3d16860%3b%24o%3d23110
.smartadserver.com/ Name: vs
Value: 336907=4840156
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313617845%3B%24ql%3DMedium%3B%24qpc%3De1w%3B%24qt%3D78_2531_71929t%3B%24dma%3D0&c=1&l=673067027&lo=-250033692&lt=637830046106365125&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313617845%3B%24ql%3DMedium%3B%24qpc%3De1w%3B%24qt%3D78_2531_71929t%3B%24dma%3D0
prebid.a-mo.net/ Name: __amc
Value: 1_1647407810_1647407810
.doubleclick.net/ Name: IDE
Value: AHWqTUnlO4DmWs1rX5Z8gZtQveup1dsuhvBuRw66htqIaX8roaEu3zrawupMX8vXe_o
.nbnews.com.ua/ Name: __gads
Value: ID=ea780bc5a55fe9b2:T=1647407810:S=ALNI_MZSowBVX-8sZKnSz_rlCwpg1TRDwQ
.sharethrough.com/ Name: stx_user_id
Value: b65ad004-a989-493c-a2e5-d4527317afa2
.yahoo.com/ Name: A3
Value: d=AQABBMNyMWICECPVR7WNxv7V8-IfMWOlM-0FEgEBAQHEMmI7YgAAAAAA_eMAAA&S=AQAAAqLUL3TcdN-BXAzWLeWwz4k
.criteo.com/ Name: uid
Value: 3d8e0e34-bc37-40f9-8206-a911b126470f
.casalemedia.com/ Name: CMID
Value: YjFywwCwPvVY2M7NjdbxTwAA
.casalemedia.com/ Name: CMPS
Value: 1837
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YjFywwAAAt1yqAA-
.casalemedia.com/ Name: CMPRO
Value: 697
.zemanta.com/ Name: zuid
Value: cc8NPGYnxMLaXixaaq1A
.awin1.com/ Name: awpv14098
Value: 412871|1647407812|4a2f6230-a4e8-11ec-892c-22623498ce3d
.awin1.com/ Name: AWSESS
Value: 429086:2519498
pb.media01.eu/ Name: ASP.NET_SessionId
Value: 0wgfohwawwdqtaw54kbstqri
pb.media01.eu/ Name: DTU
Value: 84FC7D90826407F3E16E92B7D42C8B45
.adnxs.com/ Name: icu
Value: ChgIttZaEAoYAiACKAIwxeXFkQY4AkACSAIQxeXFkQYYAQ..
nbnews.com.ua/ Name: unifiedid
Value: %7B%22TDID%22%3A%22981a1886-c754-428d-8529-4a2328664603%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-16T05%3A16%3A54%22%7D
.adsrvr.org/ Name: TDID
Value: fac4c61e-8efd-4abd-97a4-5a11ddd7caa0
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwj4wOam3cXDOhAFOAE.
.adfarm1.adition.com/ Name: UserID1
Value: 7075562684309174417
.smartadserver.com/ Name: pid
Value: 6835841013415763191
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b0ed05d518004b1b
.nbnews.com.ua/ Name: cto_bundle
Value: j72yPV9OYTVhb0dTRFVyMWt2UXB2MGRhTmhlMU4xWXNjd1JJJTJGWDFOQU9ab0VDNzNDamVDUlVoRUlSbiUyRk11N2NJT2F2SXJTb0tnTiUyRkZob2lnRVJubFJ5a25qTSUyQiUyQnQyZXVla2ZKQ2ZPJTJGSkQzd0xHSUxKTFZ6QVZ5dmNvbDlVWWRQaVN3U3hKcXolMkZuMUJZQkxwUGFyaFM1WUwlMkZRJTNEJTNE
.nbnews.com.ua/ Name: cto_bidid
Value: BldF2F9wTzBWVEdoV2dJZlBpa1IlMkZmQWVXUWJLciUyQndrbjN1dkNrNVR5ZENSUUg5UnRrRHl1VHZhUUYlMkZTWldSeHRSWk9nUHQ1ckNZT01EdUdQd2klMkJHU1ZWSHlPM0xzT29GRTRvcGU4JTJGN0FsejN3SzQlM0Q
.trafficroots.com/ Name: PARTNER_ID_3379
Value: 9bfada24aa
.smartadserver.com/ Name: csync
Value: 49:7075562684309174417|92:fJmcA450kmO0|137:9bfada24aa
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 5c1069fd-5149-41e2-a380-a442c74c4f7d
beacon.lynx.cognitivlabs.com/ Name: ss
Value: ZFexYjd9PxvnzXhjNt%2F80748EvI5blaxKh02Gi556se3URMLp9QIaqGhtuY5RP8b8pXdVKiWJh1Jk3svsImrNg%3D%3D
.casalemedia.com/ Name: CMRUM3
Value: 08623172c627605c1069fd-5149-41e2-a380-a442c74c4f7d&98623172c727603caf8e2e-7f7e-4c82-b17c-1ca627d26414&49623172c605a0&6f623172c605a0&f1623172c605a0&2d623172c62760CAESEAus1qhm3CoIH5OjLMZIDNA&e6623172c62760&27623172c60b40
.casalemedia.com/ Name: CMST
Value: YjFyxGIxcscA

3 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjFywwCwPvVY2M7NjdbxTwAAArkAAAIB&google_cver=1&google_gid=CAESEAWl5fk_wcvjeb7G5K54NLE&google_push=AYg5qPID_-Fp4fvqsFngYPO37mgZzJKJhGkCD4ci9jpFUcHYLCFTcSKmeqo6QfFHaBZnLnohaNr1ix34PKF91Ozctl9bBsPGwg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad4m.at
ads.yieldmo.com
adservice.google.com
adservice.google.de
adx.adform.net
analytics.webgains.io
ap.lijit.com
api.gravitec.media
api.webgains.io
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.admixer.net
cdn.gravitec.media
cdn.gravitec.net
cdn.jsdelivr.net
cm.g.doubleclick.net
content.adriver.ru
demand.trafficroots.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fe7008bbd5f19e1610ddff0c873202dc.safeframe.googlesyndication.com
fonts.googleapis.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id.rlcdn.com
inv-nets.admixer.net
js-sec.indexww.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
nbnews.com.ua
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
prod-rtb.ad4mat.net
pv.medialead.de
rtb-csync.smartadserver.com
rtb.adxpremium.services
s.amazon-adsystem.com
script.4dex.io
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
serving.stat-rock.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.extend.tv
tpc.googlesyndication.com
track.webgains.com
ui.cleverwebserver.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
nbnews.com.ua
104.111.239.217
136.243.1.199
142.250.184.226
144.76.128.227
145.239.193.130
145.40.89.200
146.0.227.109
15.197.193.217
151.101.129.108
151.101.130.49
162.254.186.187
178.250.2.131
178.250.2.146
18.195.162.156
18.66.97.126
185.184.8.65
185.86.139.115
198.148.27.140
2.18.234.21
2.21.111.28
209.54.177.54
216.58.214.2
23.111.96.44
2600:1901:0:76b9::
2600:9000:225e:400:11:a4de:2580:93a1
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6810:5614
2606:4700::6812:18f6
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638::3
2a02:6ea0:c700::2
2a03:90c0:41:2801::254
2a05:d018:d29:3602:303:72df:41ad:5925
3.214.98.210
35.244.174.68
37.157.3.28
37.157.6.241
37.252.172.45
45.133.44.4
46.236.13.147
51.89.9.252
52.174.47.89
52.3.176.75
52.30.107.253
54.36.238.155
54.77.53.105
64.74.236.95
72.251.249.14
81.17.55.98
85.114.159.93
88.198.250.30
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c1611e9c760eabbf6291cebf74d526f1d81d741b1f7503a913044886e0b586d
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
108e6d6c4ea55806131a27ea4478bf568a1b98a43b40626cb27eff103837a4a2
1285fa0d3efa9b784623a0ee0575627ae18e2dba5545321767925eb3445b3d15
12d69214c2faedde702417481028c2516e407a8a563f7b4853cfc89fa15e4a7d
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
1428cd67160173aabd409b618a36bc50cf4fb82304fdd126415f7be7ead5cfdc
145e9276794f76c0cd79ef451ee712010eaf617092e19372f61f1edc318538b4
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
14fda626da796ba6001f41a90c37863699bb447ee82d31ca8a9ae561e9abfdef
16e889dc56c68944256f7204840c0f1aac819962a5e5cdd289cea254e29aa355
170a961d8c829cdcc8504f0cf9767452da02db10c04935623c8bff017a1327a2
1a3c7aa57ca5e0ab462f42b45b90da3ff2e1b22f46a6d2a902018ecd874f82c2
1b748b2a19ea102ecb1c5116d2dab223a338064511efe1b955a5d0b1c7863b0b
1cecf6aff3799676afbba5d917af1ed2ba13d4cb15431ba6ac1a32a27cb7aa58
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3
20e110dfbc5b5c28fdd7264ebf9b9625a37573f7ee25780a8f15a6a1a2937cce
212549ce234b65bb0a48f911f4b91ae7ed4dbd88bb16beba7eec5c1911fb9ac4
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
26d2d474363e0eaf6e003b28b5d9ce56c11422c6d57b90f8438d7d61ca785500
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27d021d7b4f7adcb5af5f86b29b346a354ab3a84b0c99daf4a12b26c226cb48d
2948481022d708e82719cfcd81524c45a552e648e7b0c556926d117dd15fdd60
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
31ad828e2003fae096373bbc762bcf87b6c10c73a37768d2862557050f9a6c04
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1
3528fe239f114a89058779abe7a4de6048b63c66bb89d5b848eb0efb69656c89
3781ba82228dbf3f5cf9664287cb8b0a7b8d20a5224c54d8a6a5f26c7cc2f1db
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3986290ba6333667dae9d7466d47e7e058abe1f1622d50d357a20b89710ae614
3a2936806762a9bbdf9ce051d413962ee4ab49ed68194f4defd969a4bd6ad7b2
3bf228f44d2456242ee12954512d31472aa7d12af0cad78fbebf79fc6213eac8
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
44398587b3d4b1a7ec6f1d30c13c37d8a3f3f7825a2dc36c97d0f499653a788b
44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3
44fde6e344a1d3ec534a6d7861f61e6f2b9e5e9b0a7dfca6b94557ba066d0e09
47412e23dff0fefcefb989fa70cf70cdea598d4d97fc079e5447e56b7bb46e61
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
491ee20092ce969e6785601ae4595748d4ac5ee4df19012b19b77de6c9dfd357
4b782cac9a76a4137f6a94ed25c97d1df386ad8866192f86c2bc1136c10627d5
4c1ae5b4e149c201b2c7ecead440cef66f6dcc1a6f0f529fdd92525f4be76d24
4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed70dbda3e01d8ba3526947cc87a16b5028bd8bce0c945c0c1842a33e2ed738
505ef3bb5fa1e8845c942470307405520f941e20494aac5596210cb6a6aa2107
50ef77c247263fdc6e0308a69334a3064176a1f4803e90eb0b45370231044fb2
533188c8bfc88b380a888caf14b8248653daa846e1dd184a0665964cf97484dd
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
554030331564b4e2b69efedc4b5b65b1c917bf8ca9a2dffb403a2ad00450c96e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e21ada9415874ff9a81d89495061325971d3e9856f3806e0dfa20f33b8bc61
578f49d25490d18b8e9c82fe39da2e2928c142b9a93f0447c5c707e06897416d
5b1cb75fc018a41150568ef1e3ee4e79e1a90d690a262f9a1c0297c9df3c3d2a
5bf97de8ad6bc93b3c21dc853b405253b32668272e36f8624d209ce143681538
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d73731182b06107c43ca0d8ba1958f596cf4fed84f6fb0f91fcb6c6c1e93065
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
648ee4f2c0e3b584249821e942f1c8d9973099b411935d8d9e90c12929eb3152
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66a57c0e4f3f8bca9b9ac3bd55990c6d9be88605138533bb6d1b42dfbbdbc63e
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72be4e4f728300f0723d1c22dfa697639f9e5adaeacfdb41cfe2dde05c8886bb
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
79736d07ba6ed8698591052941e7293798117a0ad17d0cfa6390ef133e004438
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd
7e804b143f8e7b0e203daaac1db97c48d7268640a339150b8bb4673f9f77f75f
8090175413e5704419b0395fd14158a2c699d36f1deeb67083f1dcde74166c94
83339ddea3a74766ccc52afdb0e672a3440ba11ea210e40e1b8e62f50337db82
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834f36e331c276d5f1f5ad0f25c293b00512410612cddf6e6e2266bb4df43f3f
853027a57de2415798f65d5695e6b8f81debcc9dfce493d3cd1ba7df02bbfe1a
858acfc3ca76457634a9b3a39c08129336cbd8ad964b9a6eaf3668eccd520d29
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b8a59460848f2c4ce056fb0fa736158af0dfc27e2f8e4bcc3e51987a57fcdbb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e971b1b848e954821be5078c2b27a62af1f5719df736a8cdd705378efbe741c
8edd2a4a88a1b0385e933707d56f890eb25a2271e0c5bccafbf0c79349d8dc09
8fe5c08e7851e25f6bd19661fd428e22af9c272bb613364c0ee28e98abcb62e8
9029f73a96c2d4c217f576b0112e4904b012dac75a997fae34508f2c8be7848c
904b7839b8a28b823a7c1a74b3093f51eed791d356e28134f97db09d39ced2ed
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90e04993f5537b1e3f42b3cefb575312384eb9ec320044b0e3775012047d09cf
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93fa80cd61b11ae585be27bd7a1f96f41d51b1535d4d5fbed35af95e5a35affc
953d297714ff8be59e2ee663f52a3ca5ec31e35f9873497b64d7db9784011e6f
95f8d83fb4f4a65eff675c229830b80b762ac811be1e416875076d51de51384f
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
97c4b3c30e2c5666242538a80a47a0f980f5db37d02779c79b7f81d4206b6b54
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab6fe2bf97ae3218625c1b808abaad9f40936b9780a22428d8daf42144cdd09
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c428b915e2cdaecc9108747e349edc87c4afb2c715267d4d30ad90cafab282
a3cc09c99a3cb36724150d034bff121ce307c9c238c5e190b56d3a3b457d2fdf
a3f5634006d2a628e829de3ddec0f44de5206a017a8019b46c5783847463c0ba
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7691cb1eefd69253e5c0a6189cc560aadce87ff0429c7e1f57d526a0e426631
acc275fad85f59a2e747aad534320abc9f33fdce217db0275391d829b519db54
ad1bc545ed23abc9254fe3c686c2ce377f012c8e969a2b35b4f64848a2e5efce
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e
ada513423b09166196cade2ad91682690576b91d2ee01181e7bfabbc2144c241
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43d0eb69572d21c75da6f33822b27f0870244f7d1b6c4d865a40284c040a3bf
b60053fce592c08ae613dee226aef1d242bc025ef3c5d43119a4170c972bd1e3
b6442b32bc51bcbc78e248896eae4b46ae5bf1842e460c4a65aa5bb8847d6b5d
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b6aebdce6f243a2fd13336d91c9e8c03f9d128ac528d5b64929b2eddf475a105
b7c372950a35c41d865890a2fa4ba31bb5896dc186dbb4ea0cc6522281e5f3d1
b88c9ebb16484a2ffea36aa30c948c61342e1f8eff2f7b092e9aff3e366c24bd
b91d4596d3de758cc68c99f3df2859d33e3bf6046ea9648db5bba52f22f92e7c
b932a10c6814724741c5dcfb0fd8bb70ff95946a13a2e2acecbdfc4d10240f92
bd01c0244978d00755375e967677b6c64d069ee054dcc2b37d5279445eb77b75
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bda98b3494dbac9c731cd4d78488076699140bc89d6a2dedae7178794c558e31
bdbb567686d4fbcce57083ccf3a24533974c05e6019949c9842b7395f1b46ec6
c1242fa94be3c8b4f77e19e0098a00ce4714e76b48fcf9fb6c6fb95e978bc5df
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c228e4c33b411f01f3b7a571d44342106847fea18082e174333341503e4f0f20
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
c5310fe55b411c576b30cda56f82773bc7227cf7dc069cbd80810968d9172ba8
c59426a4df232c037668bb50cb20438ca14c5b118dfe756ab38d18f5bd204f05
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cdc61b8df6e8af4f24e9acbaf8f4569dd1bf04fb2ae7424430627371478013d4
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d07df072486d38ff74494d37e87a9ae50f779f88df71d41d745cbefe68c01bad
d08d8bf8cbf6836a524b19e04a2f343506c3d92e3b9dc66f5f52c4786ce15439
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d555ab9308ca727a44141137142a7a22048ade77ea2aeba0a4ca4c76a080ce32
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d64e383dfb28ce7e37cba7ddf8dc33b90802fb1840a887c030f1af0b0047715a
d71d5e6fbc48ec3618d5f8343ae297db7e205a6f6ddc0c1ec1e4ec5b405ff2e3
d85ca8586e1f1cb0d61a05cc405d33700aef58f7bdc9e71ef6b68323b7604ef6
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9e32d14eae4dd2bf3e342e71c482cb607435898e7d0b5720c3b638683f22b2d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2eb67a6ecf5f823a5621f4f17dec7cbd82264098311536b7498d81d86699c75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fd0bd77b89c9e7157ed89c4d81bfe4fa9cc69e8f4f58243c8d639a13084f3e
e6a4019c20fb6f6a3ee3fbe90440d6c3d1664c3908625a9b5a9629852494d7ed
e8120fc8c7e91c95a395f16edeaed21f80f643be594d6849c7f8e59d50f3880b
e81e4ebce58ffc76eaad5e55dae7b24291f32a40d0089635814c55ea15fc588e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9b95f90e5c14d79ca913274fe826ff0489951bafce8406cb62b860f1862aa53
e9d3f520c949ccbc4ecf8394f73fc03d560124a354e71898328a61c23666110f
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ec9d8c907138c1545c1e92a42a86e0fc451ecedf5259d0562ec2192429092451
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ede0cf1bad6ee684ce77ebae6b727ee584e3bdf0748c81708e0cdfe9d41bbdea
edee0332b3323e1e756dfcaf260677b4962f02b6941a62db78b5928622517574
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29d52fcae1ca1d3425e7a612323c8b59a69cb3191fd5fd5535362a0ab25e7b6
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f57837a3d19aea0bc2a9ac32c436e5addbaa54b5c2e1868d98bbb3ce4ab8ab00
f6a4585e2465177bbddcde638405c9d549c2c59854043355d75013ade5988c71
f8afd76205c636d6b2bae0d77ae4ddcbcc9d6e86ade452519cbb939220310f60
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
ff818d9d92ee77b1976869ddb607b3557c64eecae2806497b96afe2af76ed0ed