nv.ua Open in urlscan Pro
141.95.64.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nv.ua/
Effective URL:
https://nv.ua/
Submission: On February 24 via manual (February 24th 2022, 1:34:26 pm UTC) from RU — Scanned from FR

Summary HTTP 118 Redirects Links 108 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 17 domains to perform 118 HTTP transactions. The main IP is 141.95.64.123, located in France and belongs to OVH, FR. The main domain is nv.ua. The Cisco Umbrella rank of the primary domain is 159058.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 6th 2020. Valid for: 2 years.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	141.95.64.123 141.95.64.123	16276 (OVH) (OVH)
6	2606:4700:303... 2606:4700:3032::6815:4f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 2	44.235.179.16 44.235.179.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:224a:2000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	52.22.193.24 52.22.193.24	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	15.236.149.177 15.236.149.177	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e033	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
118	30

44 141.95.64.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: n1.nv.ua

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::6815:4f5f (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.179.16 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-179-16.us-west-2.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.247.225.98 (Berlin, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:2000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.22.193.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-193-24.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.149.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-149-177.eu-west-3.compute.amazonaws.com

tk.conforama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e033 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	nv.ua 1 redirects nv.ua — Cisco Umbrella Rank: 159058 static.nv.ua — Cisco Umbrella Rank: 376230	2 MB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120	98 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 bid.g.doubleclick.net — Cisco Umbrella Rank: 448 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	194 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 671 static.adsafeprotected.com — Cisco Umbrella Rank: 502 dt.adsafeprotected.com — Cisco Umbrella Rank: 465	99 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	191 KB
6	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 53059	30 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 58430 ls.hit.gemius.pl — Cisco Umbrella Rank: 13343	15 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	55 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	conforama.fr tk.conforama.fr — Cisco Umbrella Rank: 233175	644 B
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 33045 www.google.fr — Cisco Umbrella Rank: 15945	1 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8633	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	125 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1135	48 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	38 KB
118	17

	Domain	Requested by
30	static.nv.ua	nv.ua
14	nv.ua	1 redirects nv.ua
10	pagead2.googlesyndication.com	nv.ua securepubads.g.doubleclick.net tpc.googlesyndication.com 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com fw.adsafeprotected.com
7	s0.2mdn.net	nv.ua s0.2mdn.net 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
7	dt.adsafeprotected.com	7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	images.weserv.nl	nv.ua
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com nv.ua
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
4	securepubads.g.doubleclick.net	nv.ua securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	tk.conforama.fr	7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	nv.ua
2	fw.adsafeprotected.com	1 redirects 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com nv.ua
2	www.google.com	tpc.googlesyndication.com
2	7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects nv.ua
2	www.googletagmanager.com	nv.ua www.googletagmanager.com
1	code.createjs.com	s0.2mdn.net
1	static.adsafeprotected.com	7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
1	www.googletagservices.com	7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
1	www.google.fr
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
118	30

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
podcasts.nv.ua
life.nv.ua
radio.nv.ua
techno.nv.ua
health.nv.ua
sport.nv.ua
azart.nv.ua
shopping.nv.ua
promokodi.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
english.nv.ua
twitter.com
www.instagram.com
play.google.com
itunes.apple.com
facebook.com
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
apps.apple.com
ua.depositphotos.com
interfax.com.ua
ukranews.com

Subject Issuer	Validity	Valid
*.nv.ua GeoTrust RSA CA 2018	`2020-08-06` - `2022-10-12`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-21` - `2022-06-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.google.fr GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tk.conforama.fr R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://nv.ua/
Frame ID: B4F0AAA13C6D4A6B481EA6E968090F69
Requests: 72 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: C687F07DF0381C08B4768F855723869F
Requests: 1 HTTP requests in this frame

Frame: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3111A0C7B2028FCD93F6DF5815599C12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 136780030985F882B6678CB8C6C30B5B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDC12FFEA4FB5917B0E7EC0F0167ED8F
Requests: 2 HTTP requests in this frame

Frame: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 372AE0BC51C38DF0E63C8B8B852F3A14
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjk6dTBATAB&v=APEucNXTA7KFPZ8mYpCBSWBVg-PSQCOR7HxyaCdqujJdyR6Q56xag-tij-zZSNuQUINi0g7_pRjkYrhT6TbfDNM7ZkZ9jFaAM9HDe6_uXeBiHfc8nXbfERhx9LFcoAOus4a1Yr3lKxr_8v6Aj3rNkUmcQ9v2fdhuNmpdHcLIcYIZnn6sg7MGT1E
Frame ID: E800C41F6E6EF379E6496664BCEB84C5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E76C28013EF68E2E2E7DB1E61159EE29
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 3D4D6E2C74D744277E2654D2D563DC55
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html
Frame ID: A69D061D9877BC280ACA9AFA9C9BE125
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Украины и Мира. Главные и последние новости — НВ (Новое Время )

Page URL History Show full URLs

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

118
Requests

94 %
HTTPS

55 %
IPv6

17
Domains

30
Subdomains

30
IPs

5
Countries

2473 kB
Transfer

4328 kB
Size

20
Cookies

108 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасты

Search URL Search Domain Scan URL

URL: https://life.nv.ua/
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/ru
Title: Радио

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/economics.html
Title: Экономика

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance.html
Title: Финансы

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets.html
Title: Компании / Рынки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/tech.html
Title: Телеком / IT / Медиа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/top-100-bogatyh.html
Title: Профайлы ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/publications.html
Title: Статьи

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/bizinterview.html
Title: Интервью

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/experts.html
Title: Эксперты

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/consmarket.html
Title: Ритейл/Недвижимость

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/
Title: Техно

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/it-industry.html
Title: IT-индустрия

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/gadgets.html
Title: Гаджеты

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/innovations.html
Title: Инновации

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/popscience.html
Title: Научпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/technoblogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/games.html
Title: Игры

Search URL Search Domain Scan URL

URL: https://life.nv.ua/krasota-i-moda.html
Title: Красота и мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/lifestyle.html
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/blogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/lyudi.html
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/socium.html
Title: Социум

Search URL Search Domain Scan URL

URL: https://life.nv.ua/kids.html
Title: Дети

Search URL Search Domain Scan URL

URL: https://life.nv.ua/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/food-drink.html
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/evrovision.html
Title: Евровидение

Search URL Search Domain Scan URL

URL: https://life.nv.ua/znamenitosti.html
Title: Знаменитости

Search URL Search Domain Scan URL

URL: https://life.nv.ua/horoscopes.html
Title: Гороскопы

Search URL Search Domain Scan URL

URL: https://health.nv.ua/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://health.nv.ua/medicine.html
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/nutrition.html
Title: Питание

Search URL Search Domain Scan URL

URL: https://health.nv.ua/fitness.html
Title: Фитнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/happiness.html
Title: Счастье

Search URL Search Domain Scan URL

URL: https://health.nv.ua/sex.html
Title: Секс

Search URL Search Domain Scan URL

URL: https://health.nv.ua/lifehacks.html
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/football.html
Title: Футбол

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/boxing.html
Title: Бокс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/tennis.html
Title: Теннис

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/hockey.html
Title: Хоккей

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/other-sport.html
Title: Другое

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/zimnie-olimpiyskie-igry-2022.html
Title: Зимние Олимпийские игры 2022

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/news.html
Title: Новости

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/articles.html
Title: Статьи

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/reviews.html
Title: Обзоры

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/
Title: Шоппинг

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novoyevremyaua

Search URL Search Domain Scan URL

URL: https://t.me/novoe_vremya

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/mysli-globalno-deystvuy-lokalno-50175561.html
Title: Мысли глобально, действуй локально

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/novaya-komanda-kosyuka.html
Title: Новая команда Косюка

Search URL Search Domain Scan URL

URL: https://english.nv.ua/?utm_content=set_lang
Title: eng

Search URL Search Domain Scan URL

URL: https://life.nv.ua/blogs/voennoe-polozhenie-kak-uspokoitsya-kak-umenshit-trevogu-50219554.html
Title: Маша Ефросинина Как не сойти с ума и жить дальше

Search URL Search Domain Scan URL

URL: https://life.nv.ua/lifestyle/robot-pylesos-i-robot-poloter-5-prichin-podruzhitsya-s-irobot-i-perestat-tratit-sily-na-uborku-50203237.html?utm_source=nv.ua&utm_medium=1&utm_campaign=lifestylerobot-pylesos-i-robot-poloter-5-prichin-podruzhitsya-s-irobot-i-perestat-tratit-sily-na-uborku-50203237

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/napadenie-rossii-uber-perestal-rabotat-v-ukraine-bolt-i-uklon-dostupny-novosti-ukrainy-50219634.html
Title: Uber перестал работать в Украине, Bolt и Uklon доступны

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/voyna-rf-protiv-ukrainy-belarus-ostanovila-postavki-topliva-novosti-ukrainy-50219630.html
Title: Вторжение России. Беларусь приостановила поставки топлива в Украину

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/football/voyna-rossii-protiv-ukrainy-uefa-perenes-final-ligi-chempionov-iz-sankt-peterburga-50219625.html
Title: После нападения России на Украину. УЕФА отобрал право проведения финала Лиги чемпионов у Санкт-Петербурга — СМИ

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/ostanovka-aviasoobshcheniya-skolko-ukraincev-ostalos-za-granicey-novosti-ukrainy-50219612.html
Title: Сколько украинцев остались за границей из-за отмены авиарейсов и как их будут возвращать — Министерство

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/mcdonald-s-prekratil-rabotu-v-ukraine-novosti-ukrainy-50219622.html
Title: Вторжение РФ. McDonald`s Украина закрывает рестораны

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/economics/voyna-v-ukraine-zeman-nazval-putina-sumasshedshim-kotorogo-nuzhno-izolirovat-novosti-ukrainy-50219617.html
Title: Один из самых пророссийских политиков Европы. Земан назвал Путина «сумасшедшим», призвал изолировать его и отключить Россию от SWIFT

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance/sbor-sredstv-dlya-armii-ukrainy-nbu-otkryl-specschet-novosti-ukrainy-50219606.html
Title: Сбор средств для украинской армии: НБУ открыл спецсчет

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/tech/voyna-rossii-protiv-ukrainy-suspilne-raskodirovalo-signal-megogo-otkrylo-dostup-k-kanalam-50219602.html
Title: Суспільне сняло кодировку на спутнике, Мегого открыл доступ к новостным каналам

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance/voennoe-polozhenie-nbu-ogranichil-snyatie-nalichki-novosti-ukrainy-50219487.html
Title: Не больше 100 тысяч грн в день / НБУ остановил работу валютного рынка, зафиксировал курс и ограничил снятие налички 24 февраля, 10:09 Финансы

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance/limity-na-nalichku-plan-nbu-chto-nacbank-budet-delat-v-sluchae-napadeniya-rossii-na-ukrainu-tekst-50219276.html
Title: Три этапа особого периода / План действий Нацбанка Украины в случае усиления военной агрессии России 24 февраля, 08:44

Search URL Search Domain Scan URL

URL: https://life.nv.ua/znamenitosti/ukrainskie-zvezdy-obratilis-k-rossiyanam-i-miru-prizyvaya-ne-molchat-novosti-ukrainy-50219539.html
Title: Призывают не молчать / Украинские звезды обратились к россиянам и миру 24 февраля, 14:15 Знаменитости

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance/napadenie-rossii-kotirovki-evroobligaciy-ukrainy-upali-novosti-ukrainy-50219595.html
Title: Масштабное нападение России / Котировки еврооблигаций Украины упали 24 февраля, 13:53 Финансы

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/okko-ogranichila-prodazhu-topliva-novosti-ukrainy-50219592.html
Title: Вторжение РФ / Сеть заправочных станций OKKO ограничила продажу бензина 24 февраля, 13:39 Компании / Рынки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/rossiyskiy-fondovyy-rynok-ruhnul-na-45-50-poslednie-novosti-50219577.html
Title: Обвал по всему миру / Российский фондовый рынок рухнул на 45−50%, европейские рынки падают 24 февраля, 13:33 Компании / Рынки

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/?utm_source=siteglav&utm_medium=glav&utm_campaign=promositeglav
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/aliexpress-kupon?utm_source=news&utm_medium=siteglav&utm_campaign=promositeglav
Title: AliExpress / Лучшая цена на товары

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/foxtrot-promokod?utm_source=news&utm_medium=siteglav&utm_campaign=promositeglav
Title: Foxtrot / Распродажа товаров для дома

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/promokod-rozetka?utm_source=news&utm_medium=promokod-rozetka&utm_campaign=promositeglav
Title: Rozetka / Скидки до 50%

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/techno_bloggers.html
Title: Все техноблогеры

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Все эксперты НВ Бизнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/
Title: НВ Подкасты

Search URL Search Domain Scan URL

URL: https://facebook.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://t.me/nv_podcasts

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радио

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.5910069439522352 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.5910069439522352

Request Chain 60

https://gaua.hit.gemius.pl/_1645709660762/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=155&lsdata=DvnA6K66_Q9R_EYmYhKf5f800V3u.eAww2g_iYlIT1j.47rO0.Ms_tBLiPn1_.YlYdcfLC3g7LruJv3Ng5mwoaflDF50/buCNF1MrAm.eP/&fpdata=3wjL1UiwfTMdn_F_w2WFEkW7eNx3asPrBMgw.rHZVsr.h7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1645709660762/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=155&lsdata=DvnA6K66_Q9R_EYmYhKf5f800V3u.eAww2g_iYlIT1j.47rO0.Ms_tBLiPn1_.YlYdcfLC3g7LruJv3Ng5mwoaflDF50/buCNF1MrAm.eP/&fpdata=3wjL1UiwfTMdn_F_w2WFEkW7eNx3asPrBMgw.rHZVsr.h7&vis=1&fpcap=

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENaOCqLvrwdmNuXvH_h06_s&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENaOCqLvrwdmNuXvH_h06_s&google_cver=1&C=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YheJXZQ2h-8y7BKKtflpmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4Za_LUFGsoT_Hd7nyPjLw&google_cver=1

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE0hDjtu3hdglMtxbCzLpfY&google_cver=1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0NTkyMTMwNDExNjU4NTQ5OA%3D%3D

Request Chain 94

https://fw.adsafeprotected.com/rfw/bgd/952859/60854783/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81lAsj9DZ95wAn7MOcBSJBaYq8QB2dz6LqU-zQQShMocdsvGR3NoBHSkftl93PWztW5wYMkAKSxF0gn1ocMR2W2HewWGm7gGRi-HUHEukTAKAmf-AZTI17eDUOZnJo0S3O3ThrnDdcPA4UtqiwaNPNTcC4hHP7LU3mA2trKwycNsYHfQNJoirRsoQy50qq96VcE-CFrArOrmydo0-zStybqGnRmf0hdapjPX9Ui6NkACIGv-7nKWDOAjLVxo0Lds7uVzSK2ti4BVoYQxgSbOrFBkgEc33ZxikUYDDOkr_-m-T8KeL0G41k18ZhatVq_0yKJ2PVV52f3LPJ_O0dVt2ccFGXVDXROR4RyUh0pXkG1ZupN-moKLyUlhXL25U0Bk74FVTSb1mnW1gwWpoB_JGQD3w-CO8iTjzW6xd6soK1JvCPSett3C5d6UJOxuUQ0qVJVReX0J67mCpzKsmE2MPULJamOSfQVSFp6_2qge49Ie8wUj2tba4LfMYAwmX3mpqfdpznsTUwt5FTomEJ5zeyEMGckdttyonQjyHL3Hib5Uh-vn9Dzdn5016uptCbiQsuMAb3Yl_iGjJa7r-BOjJMJ6uAYfCcnUjV0KthWSUmKgVOqAlAYYb0j719BOu59i1gI4dTw4yq3apk0oAjiRs8_3gD3oqlFdjjx7wGiQat0TloeIY7rH-AzR4n8wdvFb4iAdJQw2WYjXQQgNTYKGPyE0AGPJC-OS79Q6ts9YbzFYV0M1_9Wd0_syEsw2vVHJBdwRx1RXXV5OgVNb3a85hH9HAjF3oR_tsIayvV5zJs4SqYzI1hShkNVKtOLshYniRwcC2CkmW3Cp86b1Sp3YHfl6l3ZsShoG1Zn1VxS-lVVeaqWYg1jitHbqVCKohjyspQXTC58E7lZhz2oV8yGEXcntARxYp9aEHHLxrt-7dRHLJAGVK1RmcD1aChOMyIdwpAxesoAATj4VJk--bJ5A7XZeDKenZix29nfMu4D0XDraZFDC2xH7JNNNOicu-fbASk1Xfs-T2MvC2jidy0E6zD_XPqGh-K6Ip7ybFiXqmlt9q-oF1RcW89WszbMWUm568Zzs2QIBNTb2tzQf--SErPVTNw2WwL69XJbuEDbyNxPBoZON4mCSXAt6YuR6OvoLq184U6NaPc4e1xyqc-pu2S4cmwL-M52QUFIQnxRd6tFp4tOTlZPj6CzuTDBtP3hX8jGjvvGHi03rsNHyZ9LtcZZDSfzKc-xmvn7wgdaN8VqE3A2BLSAXIsotyqyjCTeBdem7HDPlPnAsyqDGl-_-Jvil8VtlSX_kyiFzHgmJAa2AmNcdP8q0bxdgNI3bJw3RlIIpdK98Z16CV84N3TjjOeiYH7mEsqk26I97BKv8ODk922iiD_1LGVf4JSoU7KYRTy2toGdPz3I9Ds0rJe3yu-07dPvjwebj4ZrtsuxKjirLnPBm1jcU3nG88RAGM2b1M2QIa8jxIfeaCrEJep0m9mY4tyrtmunW2nBAy3C4Gw5UWmu9632U71HYosbPArO3CjzpOG3koZngArirDN7dBBHh14H_pBTIB1LbtlHutmzWtzarCiaOeKYJ7T-LlxthBo6cfGVLXvhFaz51Y7w5IoTD12lRejZkqDUh78B232b3j_SfAbrB7zkyW7LFyBM87tadP5vpUDZC5c13m_bFWpjZZF2ntGoeCXGMNbUnIAzBZer1-i6nRdAZJRg9ovmMXtcLYXtQQHpk44XooABv6qV4I4AXlW9wGIp3tLEFbJcLrH6c1Y3XGbbA55PNd0IKQ3fuJ6l6MfOvY-9SBGTfB3UPLja61CDA266d0V3dw4PvXB_LpzBkWm0y5TCDrEfk6FFUjhDBCP--C0tRgBpjEW55VFTCZDq_6AaJ3KzicnUQRcgZJg17341fhCy5DaYV-jsAleLdhryq2XsPSYCK7wg0lshEpil9D2JoVxAyo2Kb6vboe4rseH_jEYpSIzaTUbvoIKd8C-B78BwQd7OVhCAZHYwpoFNDDH_wKPXQAxxcWQSJnicDwSGodHNBqp11ifYcWUTvboo6N13nnGKf021rN_XFYvy-tUggb0sJgZh9syhujPPGILUPLJrnY3yffTMDeBGFmdQpF6XLfYvcDe77hlWKDRmAJ0d_OMWQZhzA8NEQzmhEeRYlEeVvEElxa5yP2yyjvVDJIldVXdGPKJRJZw5gGLCYS2cPIxsiOFhYbyRTt_HZfN06xqqrN1tJIfOG-MlWNqRdlqbXOJvsCDpULtuvV73O_xU8Suk-6cJI6xsuC0meiWaQ4sLCiEfsEKV4GYEk5YS9kZBgW71CaINJGX5TE97xbD6EIvhP7EKY-IEojwNAmXraO3JPN2sVyTrNcOl6Xwf8Coe9QmvATxAvjD74OirisqFN7x5Y2VQCULrj2-cSjWt2bqXJ8y3FFYhWmi2cS2UfVJBkT7vbzFaSvV-oXszAkaJEK2v1jdv7ey597vuYWHBG4G-OzZTUuEmarQB3rmGg8JvLikiCfW4ZKyjM30QVQYCVe3_hmjx4_S00gJ0Lybnt8ii15xxM6KMDP-Xz37n2vmg196-27hfyVe4SImgG-4LN3muaN_Hf-D4GD45Rsg6_6LNeeH1e32R7mb-7-OyBnfZtKfLrtUXnxKaDjHHfA54c34ZW8oPv67TBmh4W3uBT6Gfm0AgsNSdC1jcGYoWfNnVWOy1gWx_I8j3M7Lj_u10sojwNB3FO7JY3fp6SnI9C5fN85Nwmis94CVqKMAUHfC64l0BjtH5lY9o3yA6SWWfDJOb4VVVU_HnsGXtvmJ7B25rGJ2KgG4_EmLQXdgxJ2jkdL2B1Clb_4eB-9qZnBATsuLxIUcLB1nd07vaNPGUOalWQlmp-aRhRuteneG-lyMix6E6Ej4O7h7uUzTAH3DwuJD9-2jt1KxBcxlm_TkNNKYi-j3o-nAP4AIGpDQKQEquQGtQBs0PYW8JRoIE2bz3eTECU4vv1xLqHGqTv-Gx1v2eW2uKWT_ejBhs0kH5rVkfiYRKcWImZKI20DEV71koFfd2HksR5PZQlowQa9ZEmafJIeUgVL85Aedd3tZSV72s9qx46U2hxC4eETVtWxfJDezY0lHdANj-wBYPMClLRGucPm_Rme3_X3DI3rnCWtbUWP5HxSIxZCSZ678lSeKqXRY3Ba3Dlg24jjhOLRyLnzwS_kbauZVoeHrGZhrmDd8XGjnCHdbfv9XlU6Hk4fNt1sJN2_yZHckn9G0TB-ODYAJnIH3pvNfVJ1jzpatFe-xmPE80FSKqkcumiuBJ8oDpZopCnu9nD4snwM6FnvIK_LhjyVeHQercO8jynQveGVyrEzcNzKqRFv6ErrIPNvAPFcybiUdKnqXn98d6vIKdkI_tmJF5svh8dOjrePQazvRZ72Mi__3hCuOVaPX2OyoxMaryhYVdV5bkbKAo7AUr7zTEdRm94nQwLiLvLwKBqxrRLWdHEbjWOJW4FaHe8AaGQgAEhXkaFoN96WbV6oO8neRIixVA-0pvfFgAQ&ias_dspID=3&ias_campId=26750841&ias_pubId=pub-4104491810713150&ias_chanId=1&ias_placementId=16231403734&bidurl=https://nv.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jIPd5nvdC5_Q2BQkZzqhUo&adsafe_url=https%3A%2F%2Fnv.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e4cde681-5552-d6a0-6c51-ffc78f1d08b6,c:593oWl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-78fb47c986-pfscj,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:cfrma1,nbld:0,mtim:4,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:79570c15-9576-11ec-94b8-5e5fbb84275d,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81lAsj9DZ95wAn7MOcBSJBaYq8QB2dz6LqU-zQQShMocdsvGR3NoBHSkftl93PWztW5wYMkAKSxF0gn1ocMR2W2HewWGm7gGRi-HUHEukTAKAmf-AZTI17eDUOZnJo0S3O3ThrnDdcPA4UtqiwaNPNTcC4hHP7LU3mA2trKwycNsYHfQNJoirRsoQy50qq96VcE-CFrArOrmydo0-zStybqGnRmf0hdapjPX9Ui6NkACIGv-7nKWDOAjLVxo0Lds7uVzSK2ti4BVoYQxgSbOrFBkgEc33ZxikUYDDOkr_-m-T8KeL0G41k18ZhatVq_0yKJ2PVV52f3LPJ_O0dVt2ccFGXVDXROR4RyUh0pXkG1ZupN-moKLyUlhXL25U0Bk74FVTSb1mnW1gwWpoB_JGQD3w-CO8iTjzW6xd6soK1JvCPSett3C5d6UJOxuUQ0qVJVReX0J67mCpzKsmE2MPULJamOSfQVSFp6_2qge49Ie8wUj2tba4LfMYAwmX3mpqfdpznsTUwt5FTomEJ5zeyEMGckdttyonQjyHL3Hib5Uh-vn9Dzdn5016uptCbiQsuMAb3Yl_iGjJa7r-BOjJMJ6uAYfCcnUjV0KthWSUmKgVOqAlAYYb0j719BOu59i1gI4dTw4yq3apk0oAjiRs8_3gD3oqlFdjjx7wGiQat0TloeIY7rH-AzR4n8wdvFb4iAdJQw2WYjXQQgNTYKGPyE0AGPJC-OS79Q6ts9YbzFYV0M1_9Wd0_syEsw2vVHJBdwRx1RXXV5OgVNb3a85hH9HAjF3oR_tsIayvV5zJs4SqYzI1hShkNVKtOLshYniRwcC2CkmW3Cp86b1Sp3YHfl6l3ZsShoG1Zn1VxS-lVVeaqWYg1jitHbqVCKohjyspQXTC58E7lZhz2oV8yGEXcntARxYp9aEHHLxrt-7dRHLJAGVK1RmcD1aChOMyIdwpAxesoAATj4VJk--bJ5A7XZeDKenZix29nfMu4D0XDraZFDC2xH7JNNNOicu-fbASk1Xfs-T2MvC2jidy0E6zD_XPqGh-K6Ip7ybFiXqmlt9q-oF1RcW89WszbMWUm568Zzs2QIBNTb2tzQf--SErPVTNw2WwL69XJbuEDbyNxPBoZON4mCSXAt6YuR6OvoLq184U6NaPc4e1xyqc-pu2S4cmwL-M52QUFIQnxRd6tFp4tOTlZPj6CzuTDBtP3hX8jGjvvGHi03rsNHyZ9LtcZZDSfzKc-xmvn7wgdaN8VqE3A2BLSAXIsotyqyjCTeBdem7HDPlPnAsyqDGl-_-Jvil8VtlSX_kyiFzHgmJAa2AmNcdP8q0bxdgNI3bJw3RlIIpdK98Z16CV84N3TjjOeiYH7mEsqk26I97BKv8ODk922iiD_1LGVf4JSoU7KYRTy2toGdPz3I9Ds0rJe3yu-07dPvjwebj4ZrtsuxKjirLnPBm1jcU3nG88RAGM2b1M2QIa8jxIfeaCrEJep0m9mY4tyrtmunW2nBAy3C4Gw5UWmu9632U71HYosbPArO3CjzpOG3koZngArirDN7dBBHh14H_pBTIB1LbtlHutmzWtzarCiaOeKYJ7T-LlxthBo6cfGVLXvhFaz51Y7w5IoTD12lRejZkqDUh78B232b3j_SfAbrB7zkyW7LFyBM87tadP5vpUDZC5c13m_bFWpjZZF2ntGoeCXGMNbUnIAzBZer1-i6nRdAZJRg9ovmMXtcLYXtQQHpk44XooABv6qV4I4AXlW9wGIp3tLEFbJcLrH6c1Y3XGbbA55PNd0IKQ3fuJ6l6MfOvY-9SBGTfB3UPLja61CDA266d0V3dw4PvXB_LpzBkWm0y5TCDrEfk6FFUjhDBCP--C0tRgBpjEW55VFTCZDq_6AaJ3KzicnUQRcgZJg17341fhCy5DaYV-jsAleLdhryq2XsPSYCK7wg0lshEpil9D2JoVxAyo2Kb6vboe4rseH_jEYpSIzaTUbvoIKd8C-B78BwQd7OVhCAZHYwpoFNDDH_wKPXQAxxcWQSJnicDwSGodHNBqp11ifYcWUTvboo6N13nnGKf021rN_XFYvy-tUggb0sJgZh9syhujPPGILUPLJrnY3yffTMDeBGFmdQpF6XLfYvcDe77hlWKDRmAJ0d_OMWQZhzA8NEQzmhEeRYlEeVvEElxa5yP2yyjvVDJIldVXdGPKJRJZw5gGLCYS2cPIxsiOFhYbyRTt_HZfN06xqqrN1tJIfOG-MlWNqRdlqbXOJvsCDpULtuvV73O_xU8Suk-6cJI6xsuC0meiWaQ4sLCiEfsEKV4GYEk5YS9kZBgW71CaINJGX5TE97xbD6EIvhP7EKY-IEojwNAmXraO3JPN2sVyTrNcOl6Xwf8Coe9QmvATxAvjD74OirisqFN7x5Y2VQCULrj2-cSjWt2bqXJ8y3FFYhWmi2cS2UfVJBkT7vbzFaSvV-oXszAkaJEK2v1jdv7ey597vuYWHBG4G-OzZTUuEmarQB3rmGg8JvLikiCfW4ZKyjM30QVQYCVe3_hmjx4_S00gJ0Lybnt8ii15xxM6KMDP-Xz37n2vmg196-27hfyVe4SImgG-4LN3muaN_Hf-D4GD45Rsg6_6LNeeH1e32R7mb-7-OyBnfZtKfLrtUXnxKaDjHHfA54c34ZW8oPv67TBmh4W3uBT6Gfm0AgsNSdC1jcGYoWfNnVWOy1gWx_I8j3M7Lj_u10sojwNB3FO7JY3fp6SnI9C5fN85Nwmis94CVqKMAUHfC64l0BjtH5lY9o3yA6SWWfDJOb4VVVU_HnsGXtvmJ7B25rGJ2KgG4_EmLQXdgxJ2jkdL2B1Clb_4eB-9qZnBATsuLxIUcLB1nd07vaNPGUOalWQlmp-aRhRuteneG-lyMix6E6Ej4O7h7uUzTAH3DwuJD9-2jt1KxBcxlm_TkNNKYi-j3o-nAP4AIGpDQKQEquQGtQBs0PYW8JRoIE2bz3eTECU4vv1xLqHGqTv-Gx1v2eW2uKWT_ejBhs0kH5rVkfiYRKcWImZKI20DEV71koFfd2HksR5PZQlowQa9ZEmafJIeUgVL85Aedd3tZSV72s9qx46U2hxC4eETVtWxfJDezY0lHdANj-wBYPMClLRGucPm_Rme3_X3DI3rnCWtbUWP5HxSIxZCSZ678lSeKqXRY3Ba3Dlg24jjhOLRyLnzwS_kbauZVoeHrGZhrmDd8XGjnCHdbfv9XlU6Hk4fNt1sJN2_yZHckn9G0TB-ODYAJnIH3pvNfVJ1jzpatFe-xmPE80FSKqkcumiuBJ8oDpZopCnu9nD4snwM6FnvIK_LhjyVeHQercO8jynQveGVyrEzcNzKqRFv6ErrIPNvAPFcybiUdKnqXn98d6vIKdkI_tmJF5svh8dOjrePQazvRZ72Mi__3hCuOVaPX2OyoxMaryhYVdV5bkbKAo7AUr7zTEdRm94nQwLiLvLwKBqxrRLWdHEbjWOJW4FaHe8AaGQgAEhXkaFoN96WbV6oO8neRIixVA-0pvfFgAQ

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nv.ua/
Redirect Chain

http://nv.ua/
https://nv.ua/

259 KB
50 KB

69ms
22ms

Document
text/html

141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: badfe630d96a38456591cacf9be541b00b26a1c0917e565509b32c8976002c47

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

server: nginx
date: Thu, 24 Feb 2022 13:34:20 GMT
content-type: text/html; charset=UTF-8
content-length: 50899
x-cacheable: 1
nv-cache: 180s
content-encoding: gzip
varnish-ttl: 180.000
vary: Accept-Encoding
age: 61
accept-ranges: bytes
x-cache: hit cached
x-varnish-hash: GET:nv.ua/:desktop

Redirect headers

Server: nginx
Date: Thu, 24 Feb 2022 13:34:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://nv.ua/

GET
H2 200 nvua-icons.woff2
nv.ua/fonts/ 13 KB
13 KB 22ms
22ms Font
font/woff2 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/nvua-icons.woff2?02836d3970fb4d607aad597e0eff230e
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 4457b5354c13990d3e20d6d958bde6b43c44c4410d7468c1fc6bdbfd5824c29d

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 29 Apr 2021 13:46:00 GMT
server: nginx
etag: "608ab898-34f0"
content-type: font/woff2
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 13552
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 ga.js Show response
nv.ua/scripts/ 391 B
599 B 22ms
22ms Script
application/javascript 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/ga.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 1685cb58ad7de40415d4bfdc156133febe1c4fe5220706624a7348b3514a80cb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Tue, 13 Apr 2021 10:39:37 GMT
server: nginx
etag: "607574e9-187"
content-type: application/javascript
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 391
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 /
images.weserv.nl/ 11 KB
11 KB 393ms
29ms Image
image/webp 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/079/original/f38165a14879d64aa8ed661d8e7f8849.png&q=85&output=webp

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57138792f0f9723e0ac85492f8e60f31af475480e29165903966d946c486f3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-images-api: 5
date: Thu, 24 Feb 2022 13:34:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539829
x-cache-status: EXPIRED
x-upstream-response-length: 51260
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.webp
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11148
timing-allow-origin: *
last-modified: Wed, 02 Feb 2022 04:43:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7V1j12HKXlbV6vyxJeSM1kXvqdTcTKYh4%2Ftq4Ung8aDQgcgLoh476UjexYe1Cr7yoaNY%2FBt5zzdJJj0TFMcw7LjMGJ6LoP8KkDz78aATRRPrkolRYE9MsuTNDjdFyyF2EeVZi4oxzYjdN0OWKHu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e2912228d3869b0-CDG
link: <https://static.nv.ua/shared/system/top_images/images/000/000/079/original/f38165a14879d64aa8ed661d8e7f8849.png>; rel="canonical"
expires: Thu, 02 Feb 2023 04:43:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
62 KB 396ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/scripts/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40a64ceaca9fd3dc758fefce5cb6109106675bd34cb4a9fa652499d92ca454cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62938
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Feb 2022 13:34:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 393ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

aa19dbe9a9955e52aa4ea95c727dfcd38a8df4bfe7422223dd78a9acc2bfb43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27393
x-xss-protection: 0
server: sffe
etag: "1141 / 593 of 1000 / last-modified: 1645704594"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Feb 2022 13:34:20 GMT

GET
H2 200 tablet-fixes-768.css
nv.ua/css/ 2 KB
720 B 22ms
22ms Stylesheet
text/css 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-768.css?4.01
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: f97aa6f7cfcf30bd74d3f00da415ef44dde1ad1177efee0ac4aa641d116bb9b7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: br
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: nginx
etag: W/"618b9271-67d"
content-type: text/css
cache-control: max-age=31622400, max-age=31557600
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 tablet-fixes-1024.css
nv.ua/css/ 2 KB
696 B 23ms
22ms Stylesheet
text/css 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-1024.css?4.01
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: br
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: nginx
etag: W/"618b9271-700"
content-type: text/css
cache-control: max-age=31622400, max-age=31557600
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u04...

43 B
528 B

60ms
60ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.5910069439522352

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 13:34:34 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Feb 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 13:34:34 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.5910069439522352
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 23 Feb 2021 21:00:00 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 22ms
22ms Font
font/woff2 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: nginx
etag: "60e41fd8-944c"
content-type: font/woff2
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 37964
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 37 KB
38 KB 22ms
22ms Font
font/woff2 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: nginx
etag: "60e41fd8-9578"
content-type: font/woff2
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 38264
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 label_nv_75.png
static.nv.ua/images/main/ 7 KB
7 KB 36ms
24ms Image
image/png 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/label_nv_75.png?q=85&f=webp&stamp=4.01
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 0be818c7297ada14488ab6e8136a0baa769ef214ad2beb3679af97271e660c42

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Mon, 15 Nov 2021 09:22:42 GMT
server: nginx
etag: "619226e2-1a8f"
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 6799

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
621 B 22ms
22ms Image
image/svg+xml 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: nginx
etag: "5e6ff361-1a3"
content-type: image/svg+xml
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 419
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 53 KB
53 KB 23ms
22ms Font
font/woff2 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: nginx
etag: "60e41fd8-d430"
content-type: font/woff2
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 54320
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 58 KB
58 KB 25ms
24ms Font
font/woff2 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: nginx
etag: "60e41fd8-e8b8"
content-type: font/woff2
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 59576
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 icons.ttf
nv.ua/fonts/ 14 KB
14 KB 29ms
29ms Font
application/octet-stream 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?a1cca35a7cff126c89b48684aee63b69
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: nginx
etag: "616eaf71-3914"
content-type: application/octet-stream
cache-control: max-age=31622400, max-age=31557600
accept-ranges: bytes
content-length: 14612
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 232eece95eab651d0436e2fd86366686.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/973/original/ 11 KB
11 KB 22ms
22ms Image
image/png 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/973/original/232eece95eab651d0436e2fd86366686.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 6bd6920c2c37b57eddcf02fdd098052ab8e9e91fead33244e6dccaa6d9ebf6a3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 17 Feb 2022 16:26:11 GMT
server: nginx
etag: "94c25484185d8fc5b823b695267ca0d9"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 7a1ce3d1240553b38445ba89f71e9218.png
static.nv.ua/shared/system/opinion_authors/avatars/000/009/409/original/ 6 KB
7 KB 23ms
22ms Image
image/png 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/009/409/original/7a1ce3d1240553b38445ba89f71e9218.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: f6974907cb75c804094b8dfc76e0c4ed59d4b8bf0f982e4a5815d83eb561c672

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 09:07:20 GMT
server: nginx
etag: "8ec70aa45ee0c5c21f382e9606c95065"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 8808a5ae8ba9e53b299d59268bb48687.png
static.nv.ua/shared/system/opinion_authors/avatars/000/009/591/original/ 12 KB
12 KB 23ms
22ms Image
image/png 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/009/591/original/8808a5ae8ba9e53b299d59268bb48687.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: f7cdef99c23020b36e5eee53c6b0a85e5747e35bbf00f086767c70e660622980

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 10 Feb 2022 14:00:39 GMT
server: nginx
etag: "07e37b557c922429d1ebc1d4c8166315"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 6f4c8c3fbd6935ad87bad1bbcd61028f.png
static.nv.ua/shared/system/opinion_authors/avatars/000/010/211/original/ 12 KB
12 KB 23ms
22ms Image
image/png 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/010/211/original/6f4c8c3fbd6935ad87bad1bbcd61028f.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 44e03086f26e3cc0aab1f0c1ca9d8692d0d524e67569800adda407edc2347345

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 09:39:04 GMT
server: nginx
etag: "dd3b74d39f999110cf1b5291e613c980"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 /
images.weserv.nl/ 4 KB
5 KB 324ms
30ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/073/original/c106d42279d2365f02248d0cad7796d8.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e277e2307545b2af9e4f500d731db0ed93c2162f0ecb0b32185d3f9448ba0ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-images-api: 5
date: Thu, 24 Feb 2022 13:34:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781104
x-cache-status: MISS
x-upstream-response-length: 5040
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4502
timing-allow-origin: *
last-modified: Tue, 15 Feb 2022 12:31:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80hma0whKCEYRsq35Scqcs1YC3vIqkfdhQwKWTOLAklyVj2Tgu%2Bbz0kJMs9AA8JeUe9R2uA6vIjBG9A0Gb20G6FOgCMIPK60cJWWTebSCufuNrVqbhBmlBfIn0FtaPT4hMB%2Bhzvv%2FFVd4k0dlRjO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e2912228d3569b0-CDG
link: <https://static.nv.ua/shared/system/top_images/images/000/000/073/original/c106d42279d2365f02248d0cad7796d8.png>; rel="canonical"
expires: Wed, 15 Feb 2023 12:31:38 GMT

GET
H2 200 /
images.weserv.nl/ 5 KB
6 KB 325ms
30ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/075/original/c9eadea70abeb62f0f5fee64f2b430df.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e33063a185d3f81eeb953b5a805f8f4f2ac6efe74dbfbd0383f950c060f9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-images-api: 5
date: Thu, 24 Feb 2022 13:34:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1932212
x-cache-status: EXPIRED
x-upstream-response-length: 6391
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5261
timing-allow-origin: *
last-modified: Wed, 02 Feb 2022 04:43:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMos6SeVkAmRVNEH9VnendHo4NMLqx5sb2hDQc2Fdq%2FZEKQlY%2B%2Bba6vX%2B37UZu1ZuJdrjxd1oY7e%2FunPHlgmhowiO0BM5r9WeCh2Qqyja9P7qUWOrDnQ8oWlIqItUW1ndSa9jx51H%2FMQyCysL2v8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e2912228d3669b0-CDG
link: <https://static.nv.ua/shared/system/top_images/images/000/000/075/original/c9eadea70abeb62f0f5fee64f2b430df.png>; rel="canonical"
expires: Thu, 02 Feb 2023 04:43:14 GMT

GET
H2 200 /
images.weserv.nl/ 5 KB
6 KB 299ms
28ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/077/original/9294e39b97f98c2d4e8d255d60edb46d.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

011c5b161f01f755e472499a0d1bdb41dc61cc6b1c692b619912e83a75123175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-images-api: 5
date: Thu, 24 Feb 2022 13:34:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1932212
x-cache-status: EXPIRED
x-upstream-response-length: 6219
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5165
timing-allow-origin: *
last-modified: Wed, 02 Feb 2022 04:43:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDpJzXv9Mgsq4Z3E59gvkDbSGj5wZ6vWFdAAxSzPs%2BFo6BJd0wfspI9FyKigXi1fzFcrScoa6oNK9sT%2Fl6AdrQ2r3QglDVYwZCt5Hvutxv1b1mXFrEBmKYASziNh3VqZwvE6VcoQXeAaK2dBg5KC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e2912228d3769b0-CDG
link: <https://static.nv.ua/shared/system/top_images/images/000/000/077/original/9294e39b97f98c2d4e8d255d60edb46d.png>; rel="canonical"
expires: Thu, 02 Feb 2023 04:43:33 GMT

GET
H2 200 d0c198ef10202398e380807428122c4f.jpg
static.nv.ua/shared/system/Article/posters/002/460/565/original/ 92 KB
92 KB 31ms
30ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/565/original/d0c198ef10202398e380807428122c4f.jpg?q=85&stamp=20220224135213&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 936f9f2ee832f295a790828dd9551270607e8cbbb343074e7bb8b6b03a285285

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 10:55:00 GMT
server: nginx
etag: "f22e081e5b8fc6e8c7cd53a54578afb1"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 7dd7efc0d9a8f7d4f544880740f58157.jpg
static.nv.ua/shared/system/Article/posters/002/460/964/600x300/ 17 KB
17 KB 31ms
30ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/964/600x300/7dd7efc0d9a8f7d4f544880740f58157.jpg?q=85&stamp=20220224135830&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 3e74aedec4ed908c9ce4b065f7ce3c957878634f996cbab91f493a96c397666c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 10:59:13 GMT
server: nginx
etag: "6a4ee810d77381d7cbb5685301636f09"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 4a91aee1c4636a59cd65cc33616b918e.jpg
static.nv.ua/shared/system/Article/posters/002/461/034/300x150/ 12 KB
12 KB 31ms
30ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/461/034/300x150/4a91aee1c4636a59cd65cc33616b918e.jpg?q=85&stamp=20220224151538&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 2bfcfbe51c422241c10ca62e56f655d4224653f75cc137f868e8df16852b9716

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 12:22:38 GMT
server: nginx
etag: "147c4a1071133aa41a8eb5eaec0d6ca3"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 bd1034d1d348bd407ae685a8b9bbb624.jpg
static.nv.ua/shared/system/Article/posters/002/460/997/300x150/ 18 KB
19 KB 23ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/997/300x150/bd1034d1d348bd407ae685a8b9bbb624.jpg?q=85&stamp=20220224145812&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 7794c62b26259102c72ee987968b14315d3007d5d647c056bafc214746d352b8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 12:15:13 GMT
server: nginx
etag: "25cf223e2ea1c9c6e4fb0c82f2029097"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 a2a909e9d18536a782214aa62f33f51c.jpg
static.nv.ua/shared/system/Article/posters/002/461/019/300x150/ 5 KB
5 KB 23ms
22ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/461/019/300x150/a2a909e9d18536a782214aa62f33f51c.jpg?q=85&stamp=20220224150152&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 7e354744cbca727150166cda7836229f74f9878b90a18fb425f12db5f6ef2f72

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 12:11:58 GMT
server: nginx
etag: "dc0f9bc6ed98856ae87db662c046fb5f"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 b0ed7964837affc69edfe5432093adf3.jpg
static.nv.ua/shared/system/Article/posters/002/461/021/300x150/ 14 KB
14 KB 23ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/461/021/300x150/b0ed7964837affc69edfe5432093adf3.jpg?q=85&stamp=20220224150445&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: df6b45679cddc62b164f1c2aec34a49a0431a283fcb3f8a0badbd03b21baddc2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 12:10:13 GMT
server: nginx
etag: "3ff7ca79cf0da509b440c3bc9d27c40a"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 76510b0fe46fc22640f2e9c84084b040.jpg
static.nv.ua/shared/system/Article/posters/002/460/973/300x150/ 7 KB
7 KB 24ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/973/300x150/76510b0fe46fc22640f2e9c84084b040.jpg?q=85&stamp=20220224140807&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 5003be8fb61f72d449fec505923ff5c4117b3a48907416f35c07fe2cee25aa7e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 11:45:13 GMT
server: nginx
etag: "5448371b52e664d44adade2da25ae41e"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 e9ca740e5cf78c8895c37188044cead7.jpg
static.nv.ua/shared/system/Article/posters/002/460/993/300x150/ 7 KB
7 KB 24ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/993/300x150/e9ca740e5cf78c8895c37188044cead7.jpg?q=85&stamp=20220224143521&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: a33c2e741941948e5422c6274f1f1844b308f923cf123e3f02a4c28ca40713b1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 11:46:10 GMT
server: nginx
etag: "e48a6353131fc7b1b8812dbe4bf27ca1"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 6298acc79a0e7b4eec284df95bb11ea7.jpg
static.nv.ua/shared/system/Article/posters/002/460/985/300x150/ 10 KB
10 KB 23ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/985/300x150/6298acc79a0e7b4eec284df95bb11ea7.jpg?q=85&stamp=20220224142552&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: d7499826f2749f15747fd54911084ee5e9ffab3787fdc35dbad01525039c6dae

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 11:50:20 GMT
server: nginx
etag: "a4b450b39a2da21019044ac3ca90b47b"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 58c8753784877823aafbeb234282985a.jpg
static.nv.ua/shared/system/Article/posters/002/460/977/300x150/ 9 KB
10 KB 30ms
30ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/977/300x150/58c8753784877823aafbeb234282985a.jpg?q=85&stamp=20220224141641&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: e18aee161952050e4198c2e4872c6a8d5a45a05a060b1daf23ad34ca11450c4d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 11:25:10 GMT
server: nginx
etag: "2474359734893bf56435591d771780f0"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 538dea5afa41c06269af5ba233a09281.jpg
static.nv.ua/shared/system/Article/posters/002/460/960/300x150/ 15 KB
15 KB 30ms
30ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/960/300x150/538dea5afa41c06269af5ba233a09281.jpg?q=85&stamp=20220224135913&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: d08c4470654d3ae0d80d84cb71325fe88b72913f65542f9068170c569be95be5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 11:06:55 GMT
server: nginx
etag: "3bc9a3f4976a17994fc72b004d9b5b20"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 e20e974ff7e2b079bfe26d2869c677de.jpg
static.nv.ua/shared/system/Article/posters/002/460/950/300x150/ 12 KB
12 KB 47ms
45ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/950/300x150/e20e974ff7e2b079bfe26d2869c677de.jpg?q=85&stamp=20220224134833&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 46f2a7163b7e8122a448f185ca97749eb8b7f85b26f37ad488b88637e946ac73

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 10:52:12 GMT
server: nginx
etag: "7c9647d045b1b9599be603bb2aa6e2ea"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 b62e9ddefe23a79fc5214c15062ec125.jpg
static.nv.ua/shared/system/Article/posters/002/460/776/original/ 100 KB
100 KB 47ms
45ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/776/original/b62e9ddefe23a79fc5214c15062ec125.jpg?q=85&stamp=20220224112908&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 0f50537bd67dcd3f340254ddb4fb79bddc06d2fc1d107b93f81b97b951ffca08

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 10:17:40 GMT
server: nginx
etag: "e759ef5560f0bfa64b2f9ff8e087afc2"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 316bc56e600dd23ad158b7d49c9d755d.jpg
static.nv.ua/shared/system/Article/posters/002/422/102/600x300/ 7 KB
7 KB 48ms
46ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/422/102/600x300/316bc56e600dd23ad158b7d49c9d755d.jpg?q=85&stamp=20211208180051&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 6561b20d9ec37a59408d35be0f1240c1eb9280c1f8b3dd6b3ff5a25bafcaa8b6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 03:09:50 GMT
server: nginx
etag: "4f864dc7996db4d27397a25d255b21c9"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 23beae444f5fb3d997d8aee3e11c3984.jpg
static.nv.ua/shared/system/Article/posters/002/460/661/600x300/ 24 KB
24 KB 47ms
46ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/661/600x300/23beae444f5fb3d997d8aee3e11c3984.jpg?q=85&stamp=20220224103527&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: d596968fef8e48cfd9193d24eb9324725dc84ba68ff231da4ad7b18f263c4b69

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 07:40:03 GMT
server: nginx
etag: "3745c64e6aaced75647b964602108bbd"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 762566b04fd7576567e7fc137362522e.jpg
static.nv.ua/shared/system/Article/posters/002/460/714/600x300/ 69 KB
69 KB 24ms
21ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/714/600x300/762566b04fd7576567e7fc137362522e.jpg?q=85&stamp=20220224101038&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: facbebb23aa8731e6a2de2722c4d5b9c6804103b56aa487dcff157be26a410c0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 07:13:36 GMT
server: nginx
etag: "d8e2abc731f867ac5bd9b22baa631f2b"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 85ca7fb03ca944310dcc00e7b2627464.jpg
static.nv.ua/shared/system/Article/posters/002/460/279/600x300/ 19 KB
20 KB 24ms
22ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/279/600x300/85ca7fb03ca944310dcc00e7b2627464.jpg?q=85&stamp=20220223165851&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 95ca2be93c5ad766a8a83ed2c78ba3e6f8e695d35d8a6317f5c0d03f9949b29d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Wed, 23 Feb 2022 15:08:49 GMT
server: nginx
etag: "fc0352bd5546070d3e7a7de393a748e0"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 0d4e12bfae4692cf64b3866123adc06d.jpg
static.nv.ua/shared/system/Article/posters/002/461/040/300x150/ 7 KB
7 KB 25ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/461/040/300x150/0d4e12bfae4692cf64b3866123adc06d.jpg?q=85&stamp=20220224152314&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: c5f87b54af5403c21d653727fb5fe8e0e2b8c6053507e91b158e4956e4d3c89f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 12:30:22 GMT
server: nginx
etag: "abc5ccbec513d469f628d191adb08679"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 cb7adb12ea0c2d12caf986baa2d80854.jpg
static.nv.ua/shared/system/Article/posters/002/461/005/300x150/ 5 KB
5 KB 25ms
24ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/461/005/300x150/cb7adb12ea0c2d12caf986baa2d80854.jpg?q=85&stamp=20220224144509&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 945106e2d0aa7a20278e35d205f8d25c4eef1205f1f8e42b4c45131c89111642

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 12:00:18 GMT
server: nginx
etag: "bb174d7b6e5bac263c120e4070b9243d"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 9abdd1291368cceb9e0d75e6729e9121.jpg
static.nv.ua/shared/system/Article/posters/002/460/821/300x150/ 7 KB
8 KB 24ms
24ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/821/300x150/9abdd1291368cceb9e0d75e6729e9121.jpg?q=85&stamp=20220224122835&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: ee2f168da98bc477383de98bee3c89ece88fb9ca745630ae0b5af8c288a5193d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 09:30:13 GMT
server: nginx
etag: "230729b0ebb850205331a7155b56e74a"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 dd1443fa46f2895044948a28efd3dfa3.jpg
static.nv.ua/shared/system/Article/posters/002/443/237/300x150/ 12 KB
12 KB 25ms
22ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/443/237/300x150/dd1443fa46f2895044948a28efd3dfa3.jpg?q=85&stamp=20220224130214&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: fbf97333e5082f2ee25f4c4859e28e688db8cc1ecaca5328e9181c5f346e6885

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 10:09:02 GMT
server: nginx
etag: "63196e75a364255ff4cc7fff936c8ab3"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 093f030e8ef85db4e27ce4a266881171.jpg
static.nv.ua/shared/system/Article/posters/002/460/805/300x150/ 17 KB
17 KB 23ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/460/805/300x150/093f030e8ef85db4e27ce4a266881171.jpg?q=85&stamp=20220224114638&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 33bb69dbe53ecb529fe335613ed5ed2160f22af3b4f37a4afb81626eac3efa58

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 09:21:50 GMT
server: nginx
etag: "affdbbc005c816706cb893cef9ae0bc2"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 106d6fd799ca65ea5228515cd2f05f1e.jpg
static.nv.ua/shared/system/Article/posters/002/454/633/300x150/ 13 KB
13 KB 24ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/454/633/300x150/106d6fd799ca65ea5228515cd2f05f1e.jpg?q=85&stamp=20220214160833&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 4ab8a7bd40d04ba676bae7eafbe5af25842f8da40395a928a70caefd2f120ae1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Thu, 24 Feb 2022 08:11:20 GMT
server: nginx
etag: "a456592a25aa75fdf9b721e026a2d242"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 d6a65492a639645281e46c9281a1476d.jpg
static.nv.ua/shared/system/Article/posters/002/459/552/original/ 236 KB
236 KB 24ms
23ms Image
image/webp 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/459/552/original/d6a65492a639645281e46c9281a1476d.jpg?q=85&stamp=20220222170958&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 4bf89cff6a2d79b3a62efd7085592a218ff2c8606f42a5c0c26034f499008b10

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Wed, 23 Feb 2022 10:35:51 GMT
server: nginx
etag: "f2d9243c1dadef05434f5442fbe846e1"
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 40 KB
11 KB 303ms
45ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 08:43:58 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Fri, 25 Feb 2022 01:34:20 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 293ms
52ms Fetch
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 10299460923770683171
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:34:20 GMT

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 131 KB
42 KB 24ms
23ms Script
application/javascript 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 1c505c0bc7f989b3fb928ab9db2062c75a9718ee7a7dcdfd33fd94b433ec939c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 13:52:33 GMT
server: nginx
etag: W/"61fbde21-20a5e"
content-type: application/javascript
cache-control: max-age=31622400, max-age=31557600
expires: Sat, 25 Feb 2023 13:34:20 GMT

GET
H2 200 1.html Show response
nv.ua/get_additional_blocks/ 45 KB
9 KB 33ms
32ms XHR
text/html 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.95.64.123 , France, ASN16276 (OVH, FR),
Reverse DNS: n1.nv.ua
Software: nginx /
Resource Hash: 589f965a1e965ad87e58357fe254c86efaad955f67e31803f7529179455e805f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
x-varnish-hash: GET:nv.ua/get_additional_blocks/1.html:desktop
x-cacheable: 1
server: nginx
age: 777
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
nv-cache: 900s
accept-ranges: bytes
varnish-ttl: 900.000
content-length: 9457

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
388 B 42ms
42ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 3350916ca0d5c6282c7f5e5402bc6528d1520a8c0b311ec283f8be78b1254107

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 274
expires: Sat, 26 Mar 2022 13:34:20 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame C687 5 KB
3 KB 130ms
40ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: ef0b9bd94fa0434d2cdc16382ed2000bbd26a85efc001363c233cf3ef997f360

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
expires: Sat, 26 Mar 2022 13:34:20 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2714
content-encoding: gzip

GET
H2 200 pubads_impl_2022021701.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
122 KB 25ms
24ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124510
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 09:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 13:24:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 192 B
141 B 67ms
35ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2941793735d18273074e2f58e0476f9deac20d00e198c6680876dd15be94a880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:34:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 66ms
34ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc360f3b6cbaace99357e80360f12cda3b908394a6522de051b92a187f9f2ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64825
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:34:20 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 92ms
34ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-586SXC9

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95d02ce1841e247d758b29522d6eeac9ecd1ff2d319fe84342d549836126f25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35680
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Feb 2022 13:34:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 92ms
34ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 92ms
34ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
10 KB 344ms
344ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4102766636599184&correlator=3739586716073234&output=ldjh&impl=fifs&eid=31064150%2C44756895%2C44756896%2C44756432&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220224&iu_parts=271925883%2Cnew_nv_premium%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=240x400%7C240x350%7C300x600%7C240x600%7C300x250%2C1920x1080%7C810x60&prev_scp=lang%3Dru%26razdel%3D1000%26section%3D1000%26url%3Dhttps%253A%252F%252Fnv.ua%26newnv%3D1%26only_selfpromo%3D0%7Clang%3Dru%26razdel%3D1000%26section%3D1000%26url%3Dhttps%253A%252F%252Fnv.ua%26newnv%3D1%26only_selfpromo%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1645709660735&lmt=1645709660&dlt=1645709660150&idt=564&frm=20&biw=1600&bih=1200&oid=2&adxs=1114%2C-160&adys=1204%2C0&adks=1542901095%2C1595207724&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fnv.ua%2F&vis=1&scr_x=0&scr_y=0&psz=0x308%7C1600x0&msz=240x0%7C1920x-1&ga_vid=567991377.1645709661&ga_sid=1645709661&ga_hid=786903807&ga_fc=false&fws=128%2C640&ohw=0%2C0&btvi=1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4e8ee3f64944a1c93d4551089088e8095b261473cc4d0543936130207f4a3dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10627
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3111 6 KB
4 KB 139ms
44ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 24 Feb 2022 13:34:20 GMT
expires: Fri, 24 Feb 2023 13:34:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1645709660762/
Redirect Chain

https://gaua.hit.gemius.pl/_1645709660762/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&re...
https://gaua.hit.gemius.pl/__/_1645709660762/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F...

169 B
423 B

83ms
82ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1645709660762/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=155&lsdata=DvnA6K66_Q9R_EYmYhKf5f800V3u.eAww2g_iYlIT1j.47rO0.Ms_tBLiPn1_.YlYdcfLC3g7LruJv3Ng5mwoaflDF50/buCNF1MrAm.eP/&fpdata=3wjL1UiwfTMdn_F_w2WFEkW7eNx3asPrBMgw.rHZVsr.h7&vis=1&fpcap=
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e0fb8d50a728d4fb13bebef0b4f9f43a69596aadbaf06ec6729cfb1e3cfd7aad

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 23 Feb 2022 13:34:20 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1645709660762/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=155&lsdata=DvnA6K66_Q9R_EYmYhKf5f800V3u.eAww2g_iYlIT1j.47rO0.Ms_tBLiPn1_.YlYdcfLC3g7LruJv3Ng5mwoaflDF50/buCNF1MrAm.eP/&fpdata=3wjL1UiwfTMdn_F_w2WFEkW7eNx3asPrBMgw.rHZVsr.h7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 23 Feb 2022 13:34:20 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 68ms
35ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oe2g0&_p=786903807&sr=1600x1200&ul=en-us&cid=567991377.1645709661&_s=1&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%9C%D0%B8%D1%80%D0%B0.%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%94%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&sid=1645709660&sct=1&seg=0&en=page_view&_fv=1&_ss=1&epn.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&upn.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5368
date: Thu, 24 Feb 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Feb 2022 14:04:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
435 B 68ms
22ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51943557-1&cid=567991377.1645709661&jid=751712448&gjid=663883913&_gid=1102938487.1645709661&_u=YCDAgEABQAAAAE~&z=2068254687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Feb 2022 13:34:20 GMT
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
24ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=786903807&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%9C%D0%B8%D1%80%D0%B0.%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%94%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABQ~&jid=751712448&gjid=663883913&cid=567991377.1645709661&uid=0&tid=UA-51943557-1&_gid=1102938487.1645709661&gtm=2wg2g0WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&z=718246871

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 17:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73181
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
images.weserv.nl/ 406 B
1 KB 66ms
29ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/upload/sub_arr_open.png?chernyak&q=75&stamp=4.01

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

275fed66a144ba70e5290629ee122bd0016a89410b1dadc604c2daa395443443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-images-api: 5
date: Thu, 24 Feb 2022 13:34:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1232671
x-cache-status: MISS
x-upstream-response-length: 447
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 406
timing-allow-origin: *
last-modified: Wed, 09 Feb 2022 13:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RULPOvZw1kAbqWOTGcGp%2FmrHlBQbzaWWp4Nr8HZbgCaGkfrmYcpEU%2F3I6jBRbfSAzRy8wNhkWlM2vgZMxYpzdR72AaJGcqpe501ytZOEeJhIUfY24J2AdV6oFEJpinJyl2DhDMf9m5Liuq%2Bx5Tgx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e291224efb332b9-CDG
link: <https://nv.ua/upload/sub_arr_open.png?chernyak>; rel="canonical"
expires: Thu, 09 Feb 2023 13:57:36 GMT

GET
H3 200 /
images.weserv.nl/ 198 B
952 B 72ms
35ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/upload/sub_close.png?chernyak&q=75&stamp=4.01

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ac6090640ad0b4a09f3588c838aad6ccb836b594468c5d42601d6a76044ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-images-api: 5
date: Thu, 24 Feb 2022 13:34:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1232671
x-cache-status: MISS
x-upstream-response-length: 197
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 198
timing-allow-origin: *
last-modified: Wed, 09 Feb 2022 13:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBg0XFhKRRciSXMjoFwuE0yI9jrzmSB2O0UygAgNgWMdCyOwYyWDK9C6wD5BC6VNi8F%2FXVt3wVvwIAVynW0uN1jribVGQdtq63disyvOX44TrnbIULDX1t%2BXRoHyAsRoMXavFY0k%2FAMED68X%2BFs6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e291224efb532b9-CDG
link: <https://nv.ua/upload/sub_close.png?chernyak>; rel="canonical"
expires: Thu, 09 Feb 2023 13:57:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 77ms
45ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff22a864e99d704d08ccb4b558749f04dd5870f1f43e11057604735ab45411c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 13:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9836
x-xss-protection: 0

GET
H2 200 e2cf92341cc0001efb129d871a6cd63a.png
static.nv.ua/shared/system/vylazilka/images/000/000/001/original/ 467 KB
467 KB 22ms
22ms Image
image/png 141.95.64.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.nv.ua/shared/system/vylazilka/images/000/000/001/original/e2cf92341cc0001efb129d871a6cd63a.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

141.95.64.123 , France, ASN16276 (OVH, FR),

Reverse DNS

n1.nv.ua

Software

nginx /

Resource Hash

20ae1fc3d19c3444c04a53af3d76cb2ea1845cb8b657400aa589427b46b47a56

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
content-security-policy: block-all-mixed-content
vary: Origin
last-modified: Fri, 18 Feb 2022 08:52:57 GMT
server: nginx
etag: "bbab698f67303ab921ef9eebe5217032"
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public
date: Thu, 24 Feb 2022 13:34:20 GMT
accept-ranges: bytes
content-length: 477792

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 118ms
59ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=567991377.1645709661&jid=751712448&_u=YCDAgEABQAAAAE~&z=1150554160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 108ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=567991377.1645709661&jid=751712448&_u=YCDAgEABQAAAAE~&z=1150554160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 13:34:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1367 13 KB
5 KB 59ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 13:33:04 GMT
expires: Fri, 24 Feb 2023 13:33:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 77
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EDC1 783 B
536 B 69ms
34ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62c5b2698a3195477d54ca1e022409fdcffbdf1b049e6213bf94efe0a598c64e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a7C/zE6fzyoBWDe/9LBWqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 24 Feb 2022 13:34:21 GMT
date: Thu, 24 Feb 2022 13:34:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-a7C/zE6fzyoBWDe/9LBWqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 372A 6 KB
3 KB 58ms
26ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 13:34:20 GMT
expires: Fri, 24 Feb 2023 13:34:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1367 35 KB
13 KB 59ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 11:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 11:47:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EDC1 0
0 76ms
49ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=4102766636599184&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E800 624 B
974 B 99ms
38ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjk6dTBATAB&v=APEucNXTA7KFPZ8mYpCBSWBVg-PSQCOR7HxyaCdqujJdyR6Q56xag-tij-zZSNuQUINi0g7_pRjkYrhT6TbfDNM7ZkZ9jFaAM9HDe6_uXeBiHfc8nXbfERhx9LFcoAOus4a1Yr3lKxr_8v6Aj3rNkUmcQ9v2fdhuNmpdHcLIcYIZnn6sg7MGT1E

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 24 Feb 2022 13:34:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Feb 2022 13:34:21 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 372A 14 KB
11 KB 128ms
67ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AK4xAutHvB8yB-gUyBT9AliAzxao0PSpw4HXtC1wYIalguHXlQTC8ypoO6ZvDxKC4tgorY4L_lE8drLX9vww1N3ZnaAR3g_RjWHebPEKcrToHDO4MPHc0a6nJ3rV80pmjAdKmSxEDZAebiigQZIQvT_A-KWQ&dbm_d=AKAmf-AjcV0SlRXKET0ooz3Se6cjOUXp_rmngCeJbVyEKvKR6m-xBkqNT56psWpqYFllwZFr_uAS_VnbH4P7yCi-slvAayVGjoXd6MsxyRJdBJlcSwL5wYCPdgEOB47Z21kssjU9RANt8vv002q1kXptzF3QoyaKLooBB9QI4ZYPv-NhVv13x2fXyMurETtEisrnCciNAL4FuCzn93__kdXw8gB172XDFvunr60zGhe9UZwS221-rlF8frB_2hGOZUAZjsKzrnI0lX0hIyeofc32KKwFr1W0zZEfx9j_hsufMYxC32b9yz9gk_MjXPbHZHjdlFejj9h6WkvMLIhvgpMkAcvWXxujFXBqa8B4t5wk6OCLutTlI9WYOEmmf5YhlBmNscnfYc22YEgsiWSKAiToYmsTsBq24F03abYnPcmK0xDfvQreuC4Qe4CPHJE05d42ZtbM1smUc6QcDSHZIDplh4oHQDdaxSotzrBzHs5zJ1r1ctbuz6maflqX-jocJehWy-3YE3NYQFcisGpBxUL_BOKlpx5_XK6prPfeL1ygWb3Cp9xaH7C5XF-GHCDTRnoYVBsuKATEYsWkyFXBDx84bBW_zjDy9ESFsSxcYnxRQodlsL_ompZQTwFJYDQ_I6zrwreDds5J11kpchO2WR1N65tAEWJdr0nfDdyTr2p2vT2nLfNPmof0CEjsVN-eXcUEEBsp1s2A5qE91QFpr-mum4-yOsR-yNgm1s0VYrpjsbU3F3vJLiDhtmZuEhm-q1VBOxOD7PcS3lv-ulZW6GmF6g7kFIFQqRb7aiSkdRqIsORG4C96KH5-hgF6tkJTtwxMzz7Y3MLAfQUr_Q2aTiK1yN_KBUmsg_57T9D-3oK-TqzshCDwtavSeKDK2NHAWAwYnS09S9SvVwxmuL9JcXGL9ALLsuZaxphrUXVpB2WqMrVgXTbc9WK_-DYtVtvtarKAHXY5f0l9gz_8MojLyEj_CPzk13I6XrDN7zo4wLrBRW5BMjpCnqvboB1R8z3XP-g0SRuI_544gJ2bSphixJQyadPYjo09hkXSSTs5ESyv5jOoVyMS_WDjFYn95Nxzt9uZ7qJZa4pPek86jvDmLI4Cu3pXID7LGfLGEg1ZgqEZcEQbUSMA3LQukwIRLO-vVm4CLnt7pGvuXLOFtMQzvl_KIG8pKSogdmLw_wSFw8tPyRQkaudtlZBIzIz7pvNNyXMj1evkwDFCLaTyqYRnmruG-IHlji0CpETe8xp2Qbi-VKxEt0F8rGp2YYQdMCUxNbNw5fLN0I_lmULBPMPKqyQf2-EWRrjdQRjpST5HoZDk2qUizWMwoczKtBwCogINfCmD0xqwOx5G7CCUjPfMD6M2NIAqIaux4GCjKXCv7bdAoYeXBFnJ90HtdZC2Zqtj6oNC1ZsIdJEn-btbOFRfDfWtPx6u9vSSKwhK4sK6vqiNe3SPj27pf_tsY8xMutGSTLizCHa1JMQ34DsqbHig2Tb-4DU7xcCjS_YeAfDPO_5UNJusFdsz5sYGKR8uT7LcYf1YeT2SHiLK_PMgjd9KkHdt6oIG4nHDLIsiP3hGsGKuPWJV2WqAL60uT6sibnP-SDx5bpZoXpRzDT--BVKLAii_5oWW5usYk0IAhS-NR1rzx-VoZZNZIU0mKES6UYtHjCLUPyInnIjz9eMDrIM3dyohttwQ4o9nLk7iUBQ1GZgiw2eUW3traLQt1xWIBFFTEdBKCxRa-X8dEbuE2lJ_39mQThvJ7KQFwLT05RJgmcf1yLgf03iVD909DEiVM6Lg-ZhbiM7t_xK75KXWlRUQeeVl4Wv6_wFgpZYPmu9uaIglzvBtpxmyEPptI1rtuzfXwoBhWDHOl27ittPTlgRUB_0Y1Y4Xra3AXdFvXmd5If703h7hwy2hFcoYZ0ciO2y6JWKq3m_0ApL9375e12Fr1otOQIWCvb_Y0Cl6SVruoZONkVQ6BG0bNUw5eyVsYK8Kb9mpcagIIFihAdmveyx5vekw0W5-ckFJyyjAoeylwfUaGF4Lqst2MU1bKtcTGQ56yZoP3yWrQM90TYUhhvLd7Y1TgyycwROArF1mocTTUwe_ow0STprHsdIOzAoTe7_QFbJ6Q_HqBATGVlnOGB10lM3m6gentgpf8Tp8R70fX-GwFCnPE8DUl9SCar2qh9qY2KotGGghxYg78fm_0JpFpFE08M92ufM2NPaKF9NlEJDkqkbFxCsJ-wYkFCcEcY9UxGboGjam8MDLsl9HLYcgHLFlib52JMmYnlp_QCmvULn0iwDJ3_iRmLQgy7Nn7jcH8H8dCVwYRss92mu8zpEahtWt5pTBJxqRGGZ2nOrk1qYdyw_S1vdBDhFiiK80CW9e5kATXAxHU6YNnknOifK1-C08JaAZn0mXkQgSrwIhzk2fW15lWSPfRW-vAdg0OtUXEUeF8EHW_8NgpMe7eWM8p_vKyKNGb7e2YI1ePXfkaEUqGrsHl8nX9KjzgdeUBv7O21NxAoxaQFynqGv6SyGJ12EcKhFTSXHTBwcih12ndqnEkE1YH01shNrzs2kKx8RmpyyEJ7YF97Weg4xoUAPNYiPaAtUXtcXiEdEyO4s8WCGhVL12FB4JLL5hqObvd3KVjeKXc-xCsaTSfwE6R1bAYCRpfWOzjKt4_g&cid=CAASFeRoWg33pZtXqg7yd5EiLFUD7Sm98Q&rfl=1%2Chttps%253A%252F%252Fnv.ua%252F%240

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

912c59a0f6935c6c471a0a7e1899f54df0ba63d3209981868c127d2e476ba977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10601
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 372A 42 B
63 B 71ms
58ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZCHUB6c98q0QzBKaXNbxM9imdggkTk5hvW41nmg__c6xriahAcigUcOYLG5q5oZrL_plZAHHks_gN15T-wt1TUsY-AKA77vuukPIStrxzLw0-Pxw

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/952859/60854783/xbbe/creative/ Frame 372A 239 KB
73 KB 515ms
164ms Script
application/javascript 44.235.179.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/952859/60854783/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81lAsj9DZ95wAn7MOcBSJBaYq8QB2dz6LqU-zQQShMocdsvGR3NoBHSkftl93PWztW5wYMkAKSxF0gn1ocMR2W2HewWGm7gGRi-HUHEukTAKAmf-AZTI17eDUOZnJo0S3O3ThrnDdcPA4UtqiwaNPNTcC4hHP7LU3mA2trKwycNsYHfQNJoirRsoQy50qq96VcE-CFrArOrmydo0-zStybqGnRmf0hdapjPX9Ui6NkACIGv-7nKWDOAjLVxo0Lds7uVzSK2ti4BVoYQxgSbOrFBkgEc33ZxikUYDDOkr_-m-T8KeL0G41k18ZhatVq_0yKJ2PVV52f3LPJ_O0dVt2ccFGXVDXROR4RyUh0pXkG1ZupN-moKLyUlhXL25U0Bk74FVTSb1mnW1gwWpoB_JGQD3w-CO8iTjzW6xd6soK1JvCPSett3C5d6UJOxuUQ0qVJVReX0J67mCpzKsmE2MPULJamOSfQVSFp6_2qge49Ie8wUj2tba4LfMYAwmX3mpqfdpznsTUwt5FTomEJ5zeyEMGckdttyonQjyHL3Hib5Uh-vn9Dzdn5016uptCbiQsuMAb3Yl_iGjJa7r-BOjJMJ6uAYfCcnUjV0KthWSUmKgVOqAlAYYb0j719BOu59i1gI4dTw4yq3apk0oAjiRs8_3gD3oqlFdjjx7wGiQat0TloeIY7rH-AzR4n8wdvFb4iAdJQw2WYjXQQgNTYKGPyE0AGPJC-OS79Q6ts9YbzFYV0M1_9Wd0_syEsw2vVHJBdwRx1RXXV5OgVNb3a85hH9HAjF3oR_tsIayvV5zJs4SqYzI1hShkNVKtOLshYniRwcC2CkmW3Cp86b1Sp3YHfl6l3ZsShoG1Zn1VxS-lVVeaqWYg1jitHbqVCKohjyspQXTC58E7lZhz2oV8yGEXcntARxYp9aEHHLxrt-7dRHLJAGVK1RmcD1aChOMyIdwpAxesoAATj4VJk--bJ5A7XZeDKenZix29nfMu4D0XDraZFDC2xH7JNNNOicu-fbASk1Xfs-T2MvC2jidy0E6zD_XPqGh-K6Ip7ybFiXqmlt9q-oF1RcW89WszbMWUm568Zzs2QIBNTb2tzQf--SErPVTNw2WwL69XJbuEDbyNxPBoZON4mCSXAt6YuR6OvoLq184U6NaPc4e1xyqc-pu2S4cmwL-M52QUFIQnxRd6tFp4tOTlZPj6CzuTDBtP3hX8jGjvvGHi03rsNHyZ9LtcZZDSfzKc-xmvn7wgdaN8VqE3A2BLSAXIsotyqyjCTeBdem7HDPlPnAsyqDGl-_-Jvil8VtlSX_kyiFzHgmJAa2AmNcdP8q0bxdgNI3bJw3RlIIpdK98Z16CV84N3TjjOeiYH7mEsqk26I97BKv8ODk922iiD_1LGVf4JSoU7KYRTy2toGdPz3I9Ds0rJe3yu-07dPvjwebj4ZrtsuxKjirLnPBm1jcU3nG88RAGM2b1M2QIa8jxIfeaCrEJep0m9mY4tyrtmunW2nBAy3C4Gw5UWmu9632U71HYosbPArO3CjzpOG3koZngArirDN7dBBHh14H_pBTIB1LbtlHutmzWtzarCiaOeKYJ7T-LlxthBo6cfGVLXvhFaz51Y7w5IoTD12lRejZkqDUh78B232b3j_SfAbrB7zkyW7LFyBM87tadP5vpUDZC5c13m_bFWpjZZF2ntGoeCXGMNbUnIAzBZer1-i6nRdAZJRg9ovmMXtcLYXtQQHpk44XooABv6qV4I4AXlW9wGIp3tLEFbJcLrH6c1Y3XGbbA55PNd0IKQ3fuJ6l6MfOvY-9SBGTfB3UPLja61CDA266d0V3dw4PvXB_LpzBkWm0y5TCDrEfk6FFUjhDBCP--C0tRgBpjEW55VFTCZDq_6AaJ3KzicnUQRcgZJg17341fhCy5DaYV-jsAleLdhryq2XsPSYCK7wg0lshEpil9D2JoVxAyo2Kb6vboe4rseH_jEYpSIzaTUbvoIKd8C-B78BwQd7OVhCAZHYwpoFNDDH_wKPXQAxxcWQSJnicDwSGodHNBqp11ifYcWUTvboo6N13nnGKf021rN_XFYvy-tUggb0sJgZh9syhujPPGILUPLJrnY3yffTMDeBGFmdQpF6XLfYvcDe77hlWKDRmAJ0d_OMWQZhzA8NEQzmhEeRYlEeVvEElxa5yP2yyjvVDJIldVXdGPKJRJZw5gGLCYS2cPIxsiOFhYbyRTt_HZfN06xqqrN1tJIfOG-MlWNqRdlqbXOJvsCDpULtuvV73O_xU8Suk-6cJI6xsuC0meiWaQ4sLCiEfsEKV4GYEk5YS9kZBgW71CaINJGX5TE97xbD6EIvhP7EKY-IEojwNAmXraO3JPN2sVyTrNcOl6Xwf8Coe9QmvATxAvjD74OirisqFN7x5Y2VQCULrj2-cSjWt2bqXJ8y3FFYhWmi2cS2UfVJBkT7vbzFaSvV-oXszAkaJEK2v1jdv7ey597vuYWHBG4G-OzZTUuEmarQB3rmGg8JvLikiCfW4ZKyjM30QVQYCVe3_hmjx4_S00gJ0Lybnt8ii15xxM6KMDP-Xz37n2vmg196-27hfyVe4SImgG-4LN3muaN_Hf-D4GD45Rsg6_6LNeeH1e32R7mb-7-OyBnfZtKfLrtUXnxKaDjHHfA54c34ZW8oPv67TBmh4W3uBT6Gfm0AgsNSdC1jcGYoWfNnVWOy1gWx_I8j3M7Lj_u10sojwNB3FO7JY3fp6SnI9C5fN85Nwmis94CVqKMAUHfC64l0BjtH5lY9o3yA6SWWfDJOb4VVVU_HnsGXtvmJ7B25rGJ2KgG4_EmLQXdgxJ2jkdL2B1Clb_4eB-9qZnBATsuLxIUcLB1nd07vaNPGUOalWQlmp-aRhRuteneG-lyMix6E6Ej4O7h7uUzTAH3DwuJD9-2jt1KxBcxlm_TkNNKYi-j3o-nAP4AIGpDQKQEquQGtQBs0PYW8JRoIE2bz3eTECU4vv1xLqHGqTv-Gx1v2eW2uKWT_ejBhs0kH5rVkfiYRKcWImZKI20DEV71koFfd2HksR5PZQlowQa9ZEmafJIeUgVL85Aedd3tZSV72s9qx46U2hxC4eETVtWxfJDezY0lHdANj-wBYPMClLRGucPm_Rme3_X3DI3rnCWtbUWP5HxSIxZCSZ678lSeKqXRY3Ba3Dlg24jjhOLRyLnzwS_kbauZVoeHrGZhrmDd8XGjnCHdbfv9XlU6Hk4fNt1sJN2_yZHckn9G0TB-ODYAJnIH3pvNfVJ1jzpatFe-xmPE80FSKqkcumiuBJ8oDpZopCnu9nD4snwM6FnvIK_LhjyVeHQercO8jynQveGVyrEzcNzKqRFv6ErrIPNvAPFcybiUdKnqXn98d6vIKdkI_tmJF5svh8dOjrePQazvRZ72Mi__3hCuOVaPX2OyoxMaryhYVdV5bkbKAo7AUr7zTEdRm94nQwLiLvLwKBqxrRLWdHEbjWOJW4FaHe8AaGQgAEhXkaFoN96WbV6oO8neRIixVA-0pvfFgAQ&ias_dspID=3&ias_campId=26750841&ias_pubId=pub-4104491810713150&ias_chanId=1&ias_placementId=16231403734&bidurl=https://nv.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jIPd5nvdC5_Q2BQkZzqhUo
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.179.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-179-16.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: da6c3bfa55f104364e1b6cc0f124d569d96708ef57ebc99f1b975f2c1ba78ac0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 372A 2 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 13:33:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 372A 124 KB
38 KB 104ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 13:34:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 372A 15 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 13:33:43 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E800
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENaOCqLvrwdmNuXvH_h06_s&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENaOCqLvrwdmNuXvH_h06_s&google_cver=1&C=1

43 B
1014 B

63ms
63ms

Image
image/gif

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENaOCqLvrwdmNuXvH_h06_s&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjk6dTBATAB&v=APEucNXTA7KFPZ8mYpCBSWBVg-PSQCOR7HxyaCdqujJdyR6Q56xag-tij-zZSNuQUINi0g7_pRjkYrhT6TbfDNM7ZkZ9jFaAM9HDe6_uXeBiHfc8nXbfERhx9LFcoAOus4a1Yr3lKxr_8v6Aj3rNkUmcQ9v2fdhuNmpdHcLIcYIZnn6sg7MGT1E
Protocol: HTTP/1.1
Server: 72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 13:34:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 24 Feb 2022 13:34:21 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 13:34:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENaOCqLvrwdmNuXvH_h06_s&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 24 Feb 2022 13:34:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E800
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YheJXZQ2h-8y7BKKtflpmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4Za_LUFGsoT_Hd7nyPjLw&google_cver=1

43 B
894 B

53ms
53ms

Image
image/gif

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4Za_LUFGsoT_Hd7nyPjLw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjk6dTBATAB&v=APEucNXTA7KFPZ8mYpCBSWBVg-PSQCOR7HxyaCdqujJdyR6Q56xag-tij-zZSNuQUINi0g7_pRjkYrhT6TbfDNM7ZkZ9jFaAM9HDe6_uXeBiHfc8nXbfERhx9LFcoAOus4a1Yr3lKxr_8v6Aj3rNkUmcQ9v2fdhuNmpdHcLIcYIZnn6sg7MGT1E
Protocol: HTTP/1.1
Server: 72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 13:34:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 24 Feb 2022 13:34:21 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4Za_LUFGsoT_Hd7nyPjLw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E800
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE0hDjtu3hdglMtxbCzLpfY&google_cver=1

43 B
1004 B

136ms
93ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE0hDjtu3hdglMtxbCzLpfY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjk6dTBATAB&v=APEucNXTA7KFPZ8mYpCBSWBVg-PSQCOR7HxyaCdqujJdyR6Q56xag-tij-zZSNuQUINi0g7_pRjkYrhT6TbfDNM7ZkZ9jFaAM9HDe6_uXeBiHfc8nXbfERhx9LFcoAOus4a1Yr3lKxr_8v6Aj3rNkUmcQ9v2fdhuNmpdHcLIcYIZnn6sg7MGT1E

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 13:34:21 GMT
X-Proxy-Origin: 37.59.164.110; 37.59.164.110; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ab695218-9274-458f-84ae-c40e6dbee9d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE0hDjtu3hdglMtxbCzLpfY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E800
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0NTkyMTMwNDExNjU4NTQ5OA%3D%3D

170 B
188 B

69ms
35ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0NTkyMTMwNDExNjU4NTQ5OA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 13:34:21 GMT
X-Proxy-Origin: 37.59.164.110; 37.59.164.110; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5f08437e-ad3f-413b-8708-4eb437e2d5b0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0NTkyMTMwNDExNjU4NTQ5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1367 0
9 B 25ms
24ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cRIXcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 372A 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AK4xAutHvB8yB-gUyBT9AliAzxao0PSpw4HXtC1wYIalguHXlQTC8ypoO6ZvDxKC4tgorY4L_lE8drLX9vww1N3ZnaAR3g_RjWHebPEKcrToHDO4MPHc0a6nJ3rV80pmjAdKmSxEDZAebiigQZIQvT_A-KWQ&dbm_d=AKAmf-AjcV0SlRXKET0ooz3Se6cjOUXp_rmngCeJbVyEKvKR6m-xBkqNT56psWpqYFllwZFr_uAS_VnbH4P7yCi-slvAayVGjoXd6MsxyRJdBJlcSwL5wYCPdgEOB47Z21kssjU9RANt8vv002q1kXptzF3QoyaKLooBB9QI4ZYPv-NhVv13x2fXyMurETtEisrnCciNAL4FuCzn93__kdXw8gB172XDFvunr60zGhe9UZwS221-rlF8frB_2hGOZUAZjsKzrnI0lX0hIyeofc32KKwFr1W0zZEfx9j_hsufMYxC32b9yz9gk_MjXPbHZHjdlFejj9h6WkvMLIhvgpMkAcvWXxujFXBqa8B4t5wk6OCLutTlI9WYOEmmf5YhlBmNscnfYc22YEgsiWSKAiToYmsTsBq24F03abYnPcmK0xDfvQreuC4Qe4CPHJE05d42ZtbM1smUc6QcDSHZIDplh4oHQDdaxSotzrBzHs5zJ1r1ctbuz6maflqX-jocJehWy-3YE3NYQFcisGpBxUL_BOKlpx5_XK6prPfeL1ygWb3Cp9xaH7C5XF-GHCDTRnoYVBsuKATEYsWkyFXBDx84bBW_zjDy9ESFsSxcYnxRQodlsL_ompZQTwFJYDQ_I6zrwreDds5J11kpchO2WR1N65tAEWJdr0nfDdyTr2p2vT2nLfNPmof0CEjsVN-eXcUEEBsp1s2A5qE91QFpr-mum4-yOsR-yNgm1s0VYrpjsbU3F3vJLiDhtmZuEhm-q1VBOxOD7PcS3lv-ulZW6GmF6g7kFIFQqRb7aiSkdRqIsORG4C96KH5-hgF6tkJTtwxMzz7Y3MLAfQUr_Q2aTiK1yN_KBUmsg_57T9D-3oK-TqzshCDwtavSeKDK2NHAWAwYnS09S9SvVwxmuL9JcXGL9ALLsuZaxphrUXVpB2WqMrVgXTbc9WK_-DYtVtvtarKAHXY5f0l9gz_8MojLyEj_CPzk13I6XrDN7zo4wLrBRW5BMjpCnqvboB1R8z3XP-g0SRuI_544gJ2bSphixJQyadPYjo09hkXSSTs5ESyv5jOoVyMS_WDjFYn95Nxzt9uZ7qJZa4pPek86jvDmLI4Cu3pXID7LGfLGEg1ZgqEZcEQbUSMA3LQukwIRLO-vVm4CLnt7pGvuXLOFtMQzvl_KIG8pKSogdmLw_wSFw8tPyRQkaudtlZBIzIz7pvNNyXMj1evkwDFCLaTyqYRnmruG-IHlji0CpETe8xp2Qbi-VKxEt0F8rGp2YYQdMCUxNbNw5fLN0I_lmULBPMPKqyQf2-EWRrjdQRjpST5HoZDk2qUizWMwoczKtBwCogINfCmD0xqwOx5G7CCUjPfMD6M2NIAqIaux4GCjKXCv7bdAoYeXBFnJ90HtdZC2Zqtj6oNC1ZsIdJEn-btbOFRfDfWtPx6u9vSSKwhK4sK6vqiNe3SPj27pf_tsY8xMutGSTLizCHa1JMQ34DsqbHig2Tb-4DU7xcCjS_YeAfDPO_5UNJusFdsz5sYGKR8uT7LcYf1YeT2SHiLK_PMgjd9KkHdt6oIG4nHDLIsiP3hGsGKuPWJV2WqAL60uT6sibnP-SDx5bpZoXpRzDT--BVKLAii_5oWW5usYk0IAhS-NR1rzx-VoZZNZIU0mKES6UYtHjCLUPyInnIjz9eMDrIM3dyohttwQ4o9nLk7iUBQ1GZgiw2eUW3traLQt1xWIBFFTEdBKCxRa-X8dEbuE2lJ_39mQThvJ7KQFwLT05RJgmcf1yLgf03iVD909DEiVM6Lg-ZhbiM7t_xK75KXWlRUQeeVl4Wv6_wFgpZYPmu9uaIglzvBtpxmyEPptI1rtuzfXwoBhWDHOl27ittPTlgRUB_0Y1Y4Xra3AXdFvXmd5If703h7hwy2hFcoYZ0ciO2y6JWKq3m_0ApL9375e12Fr1otOQIWCvb_Y0Cl6SVruoZONkVQ6BG0bNUw5eyVsYK8Kb9mpcagIIFihAdmveyx5vekw0W5-ckFJyyjAoeylwfUaGF4Lqst2MU1bKtcTGQ56yZoP3yWrQM90TYUhhvLd7Y1TgyycwROArF1mocTTUwe_ow0STprHsdIOzAoTe7_QFbJ6Q_HqBATGVlnOGB10lM3m6gentgpf8Tp8R70fX-GwFCnPE8DUl9SCar2qh9qY2KotGGghxYg78fm_0JpFpFE08M92ufM2NPaKF9NlEJDkqkbFxCsJ-wYkFCcEcY9UxGboGjam8MDLsl9HLYcgHLFlib52JMmYnlp_QCmvULn0iwDJ3_iRmLQgy7Nn7jcH8H8dCVwYRss92mu8zpEahtWt5pTBJxqRGGZ2nOrk1qYdyw_S1vdBDhFiiK80CW9e5kATXAxHU6YNnknOifK1-C08JaAZn0mXkQgSrwIhzk2fW15lWSPfRW-vAdg0OtUXEUeF8EHW_8NgpMe7eWM8p_vKyKNGb7e2YI1ePXfkaEUqGrsHl8nX9KjzgdeUBv7O21NxAoxaQFynqGv6SyGJ12EcKhFTSXHTBwcih12ndqnEkE1YH01shNrzs2kKx8RmpyyEJ7YF97Weg4xoUAPNYiPaAtUXtcXiEdEyO4s8WCGhVL12FB4JLL5hqObvd3KVjeKXc-xCsaTSfwE6R1bAYCRpfWOzjKt4_g&cid=CAASFeRoWg33pZtXqg7yd5EiLFUD7Sm98Q&rfl=1%2Chttps%253A%252F%252Fnv.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Feb 2023 16:13:41 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E76C 22 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 08:13:54 GMT
expires: Wed, 22 Feb 2023 08:13:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 192027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame E76C 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 11:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 11:47:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E76C 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXnWhXYkXYrKyEKaG9u8P8uit-AgAAAAAOAHgBAI&bg=!7e6l7qrNAAbf-5Dq3_s7ACkAdvg8Wm4ua_tN_z3og7y0Kt4f66XDLZuGRrtGWtgC4CZToHPQ_cZCRAIAAAB9UgAAAAJoAQeZAxZN8Z8xpTEUU74h8ZmOqDyUqufRmvnf0svSPL2-rQvdRiEE_JGwlTES_NQ2dilNuuCtv9I67RPAo3m3PABz53L1NQNo-3uwzoyIU9aJc_fal8nNyo0KiYsveTZPYCvtM8t41m4GRr6DBMV0qZyKVDJVBnhpyxjjaMMXG0gE6PV1ChUc4Uoe8oP_zcQ4mlIh-V1A1YrHobpIuNxvadPvBtNAw-KroTGW7SPopHviaCEXWDanryx93W58oE9B_F_V01ZH1LSNwpzdNMASXZnZvB1KHwhw-HuSO87XZptibig1mn6Z9ilWEaMifPEM6WCerDGB4UXYnVVL-uMKHhThjgava80W_JeKK2ujrFqOmVMnHyY0BsV4cSV2YvLhvJ6vy_IOccJk0jcETowACpRWqzhBusUkDkR7q8IOJ_duLDH2nZFX3mIT5Rlt0WOo8G2LCf_DLx3vi7qqCgVzptOIq86Wb73sAZ1JRLeHRG_3YQBrPdQz_nKP6zVcHXsBkwnsHJ3Lpr9yN0AZYjIKfQhA86YpPgqKj-uIR_eoEyMl16CMQdCD7Lj5piqF7UBHF8RXwRVkUeM_7cNPJ2zfYUKaLVZ6g1K5_lfiDih4643oOQKJsnRFOu9QwhcNReLuZCToj_VfkwnRqkPIC7rhnj-VlihHfPNJysBH-Fw8QTeHQiluX-rmZHbeqKH0Vsy6jYpUWqD2puxU_fn11Mt7Rqpqv2g4tKmXE_W4szV6vKMYA58nQS_TIJcPBqSgzG9Gf_UAgZNE-5jC-hMI4zADn-YG4RBwGD1ZO9fmZI3NrgbWcwQusCGDlId678RasE6cN6GaTqYyasxPkfiSuHsrjX_QktNlu1tYNFZ-kVH7RY5iwf6J5lFonzZoRltnas3kD4-ngeLwP7_RVz6LyRD9MKM4B-LTHSZByKWIaxg_SmEBkHpSPq4IydPQDpNThT2QETb1UuCycPOiKxwlBOOxeacjZXrYJQ9dxMueRoKiN6ayhYe92b9tiMhNKt_HzWVMItZeMmgXZhASxMP09V-aVYRJwHRiusryaTRk

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=4102766636599184&bg=!Dg2lDUnNAAbf-5Dq3_s7ACkAdvg8Wn6xgIGhyVnBM3T871LyJiSfSWdBrA6thoR559ILzO0Y_3C7WgIAAABZUgAAAAJoAQeZAqB-dcadYB_smwVsMYhAJ8IB1VpdUkLosfErni5KeeSuWkwhxOubFzim_Sz9u8G6f2EyQ3kh49AjsjD4voDun-BIKz3J4CSqF0-lhJL4ED2352d0wMY19mdJDrop4ldWFcKtg87Rm2cEW3RC9ioiIo0RPJKUqg877dlqc3aeuDqcdm1E8-7umQaWWYb96_BXlVudnaLP8lEdddXu4s_J-TlzipH-uBwWM-p-uYg9FZtU6w6JWYjcTxCMAn8IhOD-cbUbTerFbjbn97OKiil1tXdpZzHglIyx4V__PsFOZ5gCb9oH7mnBODGGhsx292MtVUpQkuYu3aoZn0PfEAAsrEgXh-eilIM9lDx_LVcVBpvUWw708iKeAi6TBo-edNygNu87uX0Wk_F2eBYwzg9zMtVCvtR5LY_VSHci_-ZeH_St6vYPBDJ0f8Zh0oYOUTtM7i6s9zCSoay7qmiwn6XLAKmWfI45bm4YMq92VrElGuNg-MZFI7qGSrnLQPZKLXb_OIj0w8PlLXrn7FoQE1Oon9F4xv2mWBLMZTeUmHorlyUiAiJzETMWFPu_Yk0xSXY_u-aMImGfa9qOPqnPuuukgebPWufBeo_5H7J6UC9tFMsyOF-u98vKSk1gL-1WR-vrMAQ9eL3VmFRlv8WtAyVytg2Q-nBdHgfzksMLZ30kg10kUH5XU659WGjlmxfRNZ3hW4i52V5mngLHIAIro-ph_G14t9r-VeXABczHtidpEwliKgz-j6Y1bNAJzSQMN5BBEqH_M9cG5aRRicX3FyQi5JhCTxn8YdWAG3t-hNzY8uxjiECVyoGhd3GimdNyPB0kEpZRK6v3dLlqCxMKTyvB2ZTgQP3PaR1nVCEhKAcTLKcUWdwhVFCyB2qC9DkKwJXigPo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 372A
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/952859/60854783/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81lAsj9DZ95wAn7MOcBSJBaYq8Q...

61 KB
21 KB

116ms
57ms

Script
text/javascript

74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81lAsj9DZ95wAn7MOcBSJBaYq8QB2dz6LqU-zQQShMocdsvGR3NoBHSkftl93PWztW5wYMkAKSxF0gn1ocMR2W2HewWGm7gGRi-HUHEukTAKAmf-AZTI17eDUOZnJo0S3O3ThrnDdcPA4UtqiwaNPNTcC4hHP7LU3mA2trKwycNsYHfQNJoirRsoQy50qq96VcE-CFrArOrmydo0-zStybqGnRmf0hdapjPX9Ui6NkACIGv-7nKWDOAjLVxo0Lds7uVzSK2ti4BVoYQxgSbOrFBkgEc33ZxikUYDDOkr_-m-T8KeL0G41k18ZhatVq_0yKJ2PVV52f3LPJ_O0dVt2ccFGXVDXROR4RyUh0pXkG1ZupN-moKLyUlhXL25U0Bk74FVTSb1mnW1gwWpoB_JGQD3w-CO8iTjzW6xd6soK1JvCPSett3C5d6UJOxuUQ0qVJVReX0J67mCpzKsmE2MPULJamOSfQVSFp6_2qge49Ie8wUj2tba4LfMYAwmX3mpqfdpznsTUwt5FTomEJ5zeyEMGckdttyonQjyHL3Hib5Uh-vn9Dzdn5016uptCbiQsuMAb3Yl_iGjJa7r-BOjJMJ6uAYfCcnUjV0KthWSUmKgVOqAlAYYb0j719BOu59i1gI4dTw4yq3apk0oAjiRs8_3gD3oqlFdjjx7wGiQat0TloeIY7rH-AzR4n8wdvFb4iAdJQw2WYjXQQgNTYKGPyE0AGPJC-OS79Q6ts9YbzFYV0M1_9Wd0_syEsw2vVHJBdwRx1RXXV5OgVNb3a85hH9HAjF3oR_tsIayvV5zJs4SqYzI1hShkNVKtOLshYniRwcC2CkmW3Cp86b1Sp3YHfl6l3ZsShoG1Zn1VxS-lVVeaqWYg1jitHbqVCKohjyspQXTC58E7lZhz2oV8yGEXcntARxYp9aEHHLxrt-7dRHLJAGVK1RmcD1aChOMyIdwpAxesoAATj4VJk--bJ5A7XZeDKenZix29nfMu4D0XDraZFDC2xH7JNNNOicu-fbASk1Xfs-T2MvC2jidy0E6zD_XPqGh-K6Ip7ybFiXqmlt9q-oF1RcW89WszbMWUm568Zzs2QIBNTb2tzQf--SErPVTNw2WwL69XJbuEDbyNxPBoZON4mCSXAt6YuR6OvoLq184U6NaPc4e1xyqc-pu2S4cmwL-M52QUFIQnxRd6tFp4tOTlZPj6CzuTDBtP3hX8jGjvvGHi03rsNHyZ9LtcZZDSfzKc-xmvn7wgdaN8VqE3A2BLSAXIsotyqyjCTeBdem7HDPlPnAsyqDGl-_-Jvil8VtlSX_kyiFzHgmJAa2AmNcdP8q0bxdgNI3bJw3RlIIpdK98Z16CV84N3TjjOeiYH7mEsqk26I97BKv8ODk922iiD_1LGVf4JSoU7KYRTy2toGdPz3I9Ds0rJe3yu-07dPvjwebj4ZrtsuxKjirLnPBm1jcU3nG88RAGM2b1M2QIa8jxIfeaCrEJep0m9mY4tyrtmunW2nBAy3C4Gw5UWmu9632U71HYosbPArO3CjzpOG3koZngArirDN7dBBHh14H_pBTIB1LbtlHutmzWtzarCiaOeKYJ7T-LlxthBo6cfGVLXvhFaz51Y7w5IoTD12lRejZkqDUh78B232b3j_SfAbrB7zkyW7LFyBM87tadP5vpUDZC5c13m_bFWpjZZF2ntGoeCXGMNbUnIAzBZer1-i6nRdAZJRg9ovmMXtcLYXtQQHpk44XooABv6qV4I4AXlW9wGIp3tLEFbJcLrH6c1Y3XGbbA55PNd0IKQ3fuJ6l6MfOvY-9SBGTfB3UPLja61CDA266d0V3dw4PvXB_LpzBkWm0y5TCDrEfk6FFUjhDBCP--C0tRgBpjEW55VFTCZDq_6AaJ3KzicnUQRcgZJg17341fhCy5DaYV-jsAleLdhryq2XsPSYCK7wg0lshEpil9D2JoVxAyo2Kb6vboe4rseH_jEYpSIzaTUbvoIKd8C-B78BwQd7OVhCAZHYwpoFNDDH_wKPXQAxxcWQSJnicDwSGodHNBqp11ifYcWUTvboo6N13nnGKf021rN_XFYvy-tUggb0sJgZh9syhujPPGILUPLJrnY3yffTMDeBGFmdQpF6XLfYvcDe77hlWKDRmAJ0d_OMWQZhzA8NEQzmhEeRYlEeVvEElxa5yP2yyjvVDJIldVXdGPKJRJZw5gGLCYS2cPIxsiOFhYbyRTt_HZfN06xqqrN1tJIfOG-MlWNqRdlqbXOJvsCDpULtuvV73O_xU8Suk-6cJI6xsuC0meiWaQ4sLCiEfsEKV4GYEk5YS9kZBgW71CaINJGX5TE97xbD6EIvhP7EKY-IEojwNAmXraO3JPN2sVyTrNcOl6Xwf8Coe9QmvATxAvjD74OirisqFN7x5Y2VQCULrj2-cSjWt2bqXJ8y3FFYhWmi2cS2UfVJBkT7vbzFaSvV-oXszAkaJEK2v1jdv7ey597vuYWHBG4G-OzZTUuEmarQB3rmGg8JvLikiCfW4ZKyjM30QVQYCVe3_hmjx4_S00gJ0Lybnt8ii15xxM6KMDP-Xz37n2vmg196-27hfyVe4SImgG-4LN3muaN_Hf-D4GD45Rsg6_6LNeeH1e32R7mb-7-OyBnfZtKfLrtUXnxKaDjHHfA54c34ZW8oPv67TBmh4W3uBT6Gfm0AgsNSdC1jcGYoWfNnVWOy1gWx_I8j3M7Lj_u10sojwNB3FO7JY3fp6SnI9C5fN85Nwmis94CVqKMAUHfC64l0BjtH5lY9o3yA6SWWfDJOb4VVVU_HnsGXtvmJ7B25rGJ2KgG4_EmLQXdgxJ2jkdL2B1Clb_4eB-9qZnBATsuLxIUcLB1nd07vaNPGUOalWQlmp-aRhRuteneG-lyMix6E6Ej4O7h7uUzTAH3DwuJD9-2jt1KxBcxlm_TkNNKYi-j3o-nAP4AIGpDQKQEquQGtQBs0PYW8JRoIE2bz3eTECU4vv1xLqHGqTv-Gx1v2eW2uKWT_ejBhs0kH5rVkfiYRKcWImZKI20DEV71koFfd2HksR5PZQlowQa9ZEmafJIeUgVL85Aedd3tZSV72s9qx46U2hxC4eETVtWxfJDezY0lHdANj-wBYPMClLRGucPm_Rme3_X3DI3rnCWtbUWP5HxSIxZCSZ678lSeKqXRY3Ba3Dlg24jjhOLRyLnzwS_kbauZVoeHrGZhrmDd8XGjnCHdbfv9XlU6Hk4fNt1sJN2_yZHckn9G0TB-ODYAJnIH3pvNfVJ1jzpatFe-xmPE80FSKqkcumiuBJ8oDpZopCnu9nD4snwM6FnvIK_LhjyVeHQercO8jynQveGVyrEzcNzKqRFv6ErrIPNvAPFcybiUdKnqXn98d6vIKdkI_tmJF5svh8dOjrePQazvRZ72Mi__3hCuOVaPX2OyoxMaryhYVdV5bkbKAo7AUr7zTEdRm94nQwLiLvLwKBqxrRLWdHEbjWOJW4FaHe8AaGQgAEhXkaFoN96WbV6oO8neRIixVA-0pvfFgAQ

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

cafe /

Resource Hash

4c2c35cfef642ef466e7fe702ab3d5149a7233198de73aff29f4d944adbcc2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: app09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81lAsj9DZ95wAn7MOcBSJBaYq8QB2dz6LqU-zQQShMocdsvGR3NoBHSkftl93PWztW5wYMkAKSxF0gn1ocMR2W2HewWGm7gGRi-HUHEukTAKAmf-AZTI17eDUOZnJo0S3O3ThrnDdcPA4UtqiwaNPNTcC4hHP7LU3mA2trKwycNsYHfQNJoirRsoQy50qq96VcE-CFrArOrmydo0-zStybqGnRmf0hdapjPX9Ui6NkACIGv-7nKWDOAjLVxo0Lds7uVzSK2ti4BVoYQxgSbOrFBkgEc33ZxikUYDDOkr_-m-T8KeL0G41k18ZhatVq_0yKJ2PVV52f3LPJ_O0dVt2ccFGXVDXROR4RyUh0pXkG1ZupN-moKLyUlhXL25U0Bk74FVTSb1mnW1gwWpoB_JGQD3w-CO8iTjzW6xd6soK1JvCPSett3C5d6UJOxuUQ0qVJVReX0J67mCpzKsmE2MPULJamOSfQVSFp6_2qge49Ie8wUj2tba4LfMYAwmX3mpqfdpznsTUwt5FTomEJ5zeyEMGckdttyonQjyHL3Hib5Uh-vn9Dzdn5016uptCbiQsuMAb3Yl_iGjJa7r-BOjJMJ6uAYfCcnUjV0KthWSUmKgVOqAlAYYb0j719BOu59i1gI4dTw4yq3apk0oAjiRs8_3gD3oqlFdjjx7wGiQat0TloeIY7rH-AzR4n8wdvFb4iAdJQw2WYjXQQgNTYKGPyE0AGPJC-OS79Q6ts9YbzFYV0M1_9Wd0_syEsw2vVHJBdwRx1RXXV5OgVNb3a85hH9HAjF3oR_tsIayvV5zJs4SqYzI1hShkNVKtOLshYniRwcC2CkmW3Cp86b1Sp3YHfl6l3ZsShoG1Zn1VxS-lVVeaqWYg1jitHbqVCKohjyspQXTC58E7lZhz2oV8yGEXcntARxYp9aEHHLxrt-7dRHLJAGVK1RmcD1aChOMyIdwpAxesoAATj4VJk--bJ5A7XZeDKenZix29nfMu4D0XDraZFDC2xH7JNNNOicu-fbASk1Xfs-T2MvC2jidy0E6zD_XPqGh-K6Ip7ybFiXqmlt9q-oF1RcW89WszbMWUm568Zzs2QIBNTb2tzQf--SErPVTNw2WwL69XJbuEDbyNxPBoZON4mCSXAt6YuR6OvoLq184U6NaPc4e1xyqc-pu2S4cmwL-M52QUFIQnxRd6tFp4tOTlZPj6CzuTDBtP3hX8jGjvvGHi03rsNHyZ9LtcZZDSfzKc-xmvn7wgdaN8VqE3A2BLSAXIsotyqyjCTeBdem7HDPlPnAsyqDGl-_-Jvil8VtlSX_kyiFzHgmJAa2AmNcdP8q0bxdgNI3bJw3RlIIpdK98Z16CV84N3TjjOeiYH7mEsqk26I97BKv8ODk922iiD_1LGVf4JSoU7KYRTy2toGdPz3I9Ds0rJe3yu-07dPvjwebj4ZrtsuxKjirLnPBm1jcU3nG88RAGM2b1M2QIa8jxIfeaCrEJep0m9mY4tyrtmunW2nBAy3C4Gw5UWmu9632U71HYosbPArO3CjzpOG3koZngArirDN7dBBHh14H_pBTIB1LbtlHutmzWtzarCiaOeKYJ7T-LlxthBo6cfGVLXvhFaz51Y7w5IoTD12lRejZkqDUh78B232b3j_SfAbrB7zkyW7LFyBM87tadP5vpUDZC5c13m_bFWpjZZF2ntGoeCXGMNbUnIAzBZer1-i6nRdAZJRg9ovmMXtcLYXtQQHpk44XooABv6qV4I4AXlW9wGIp3tLEFbJcLrH6c1Y3XGbbA55PNd0IKQ3fuJ6l6MfOvY-9SBGTfB3UPLja61CDA266d0V3dw4PvXB_LpzBkWm0y5TCDrEfk6FFUjhDBCP--C0tRgBpjEW55VFTCZDq_6AaJ3KzicnUQRcgZJg17341fhCy5DaYV-jsAleLdhryq2XsPSYCK7wg0lshEpil9D2JoVxAyo2Kb6vboe4rseH_jEYpSIzaTUbvoIKd8C-B78BwQd7OVhCAZHYwpoFNDDH_wKPXQAxxcWQSJnicDwSGodHNBqp11ifYcWUTvboo6N13nnGKf021rN_XFYvy-tUggb0sJgZh9syhujPPGILUPLJrnY3yffTMDeBGFmdQpF6XLfYvcDe77hlWKDRmAJ0d_OMWQZhzA8NEQzmhEeRYlEeVvEElxa5yP2yyjvVDJIldVXdGPKJRJZw5gGLCYS2cPIxsiOFhYbyRTt_HZfN06xqqrN1tJIfOG-MlWNqRdlqbXOJvsCDpULtuvV73O_xU8Suk-6cJI6xsuC0meiWaQ4sLCiEfsEKV4GYEk5YS9kZBgW71CaINJGX5TE97xbD6EIvhP7EKY-IEojwNAmXraO3JPN2sVyTrNcOl6Xwf8Coe9QmvATxAvjD74OirisqFN7x5Y2VQCULrj2-cSjWt2bqXJ8y3FFYhWmi2cS2UfVJBkT7vbzFaSvV-oXszAkaJEK2v1jdv7ey597vuYWHBG4G-OzZTUuEmarQB3rmGg8JvLikiCfW4ZKyjM30QVQYCVe3_hmjx4_S00gJ0Lybnt8ii15xxM6KMDP-Xz37n2vmg196-27hfyVe4SImgG-4LN3muaN_Hf-D4GD45Rsg6_6LNeeH1e32R7mb-7-OyBnfZtKfLrtUXnxKaDjHHfA54c34ZW8oPv67TBmh4W3uBT6Gfm0AgsNSdC1jcGYoWfNnVWOy1gWx_I8j3M7Lj_u10sojwNB3FO7JY3fp6SnI9C5fN85Nwmis94CVqKMAUHfC64l0BjtH5lY9o3yA6SWWfDJOb4VVVU_HnsGXtvmJ7B25rGJ2KgG4_EmLQXdgxJ2jkdL2B1Clb_4eB-9qZnBATsuLxIUcLB1nd07vaNPGUOalWQlmp-aRhRuteneG-lyMix6E6Ej4O7h7uUzTAH3DwuJD9-2jt1KxBcxlm_TkNNKYi-j3o-nAP4AIGpDQKQEquQGtQBs0PYW8JRoIE2bz3eTECU4vv1xLqHGqTv-Gx1v2eW2uKWT_ejBhs0kH5rVkfiYRKcWImZKI20DEV71koFfd2HksR5PZQlowQa9ZEmafJIeUgVL85Aedd3tZSV72s9qx46U2hxC4eETVtWxfJDezY0lHdANj-wBYPMClLRGucPm_Rme3_X3DI3rnCWtbUWP5HxSIxZCSZ678lSeKqXRY3Ba3Dlg24jjhOLRyLnzwS_kbauZVoeHrGZhrmDd8XGjnCHdbfv9XlU6Hk4fNt1sJN2_yZHckn9G0TB-ODYAJnIH3pvNfVJ1jzpatFe-xmPE80FSKqkcumiuBJ8oDpZopCnu9nD4snwM6FnvIK_LhjyVeHQercO8jynQveGVyrEzcNzKqRFv6ErrIPNvAPFcybiUdKnqXn98d6vIKdkI_tmJF5svh8dOjrePQazvRZ72Mi__3hCuOVaPX2OyoxMaryhYVdV5bkbKAo7AUr7zTEdRm94nQwLiLvLwKBqxrRLWdHEbjWOJW4FaHe8AaGQgAEhXkaFoN96WbV6oO8neRIixVA-0pvfFgAQ
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 3D4D 80 KB
21 KB 123ms
34ms Script
application/javascript 2600:9000:224a:2000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:56:46 GMT
content-encoding: gzip
age: 2583457
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: Zf1gF-E-14f6O_UrLlx4vJ1JSW_CMkNpd3jA35hQL0MRzsYZAbuvyQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 372A 43 B
216 B 338ms
98ms Image
image/gif 52.22.193.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=952859&asId=e4cde681-5552-d6a0-6c51-ffc78f1d08b6&tv=%7Bc:593oWQ,pingTime:-3,time:51,type:v,im:%7BpBlk:46%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.193.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-193-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 372A 43 B
215 B 337ms
99ms Image
image/gif 52.22.193.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=952859&asId=e4cde681-5552-d6a0-6c51-ffc78f1d08b6&tv=%7Bc:593oWR,pingTime:-6,time:52,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:nv.ua*&br=c
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.193.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-193-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 372A 43 B
215 B 335ms
98ms Image
image/gif 52.22.193.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=952859&asId=e4cde681-5552-d6a0-6c51-ffc78f1d08b6&tv=%7Bc:593oWU,pingTime:-2,time:55,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:919,beZ:920,mfA:922,cmA:924,inA:924,inZ:930,prA:930,prZ:934,si:939,poA:940,bl:965,poZ:965,cmZ:965,mfZ:965,loA:971,loZ:972,ltA:973,ltZ:973%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:33,readyFired:false%7D&br=c
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.193.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-193-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 372A 43 B
215 B 288ms
99ms Image
image/gif 52.22.193.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=952859&asId=e4cde681-5552-d6a0-6c51-ffc78f1d08b6&tv=%7Bc:593oXG,time:103,type:e,im:%7BpWait:5%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B95~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.193.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-193-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 372A 106 KB
38 KB 99ms
25ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
Origin: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 14:21:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/elements/html/ Frame 372A 8 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/952859/60854783/xbbe/creative/adj?p=APEucNW3zBGKe6-YJV_jGGFGe-U9TJOXCao424tPf8pYfxHZccmv_lo&d=CnkAoCZ_4Fueo4ltOiqFZjujJ5wexj78STbDU-ox_GYoZdWstmWU9mxTi3uFAv81lAsj9DZ95wAn7MOcBSJBaYq8QB2dz6LqU-zQQShMocdsvGR3NoBHSkftl93PWztW5wYMkAKSxF0gn1ocMR2W2HewWGm7gGRi-HUHEukTAKAmf-AZTI17eDUOZnJo0S3O3ThrnDdcPA4UtqiwaNPNTcC4hHP7LU3mA2trKwycNsYHfQNJoirRsoQy50qq96VcE-CFrArOrmydo0-zStybqGnRmf0hdapjPX9Ui6NkACIGv-7nKWDOAjLVxo0Lds7uVzSK2ti4BVoYQxgSbOrFBkgEc33ZxikUYDDOkr_-m-T8KeL0G41k18ZhatVq_0yKJ2PVV52f3LPJ_O0dVt2ccFGXVDXROR4RyUh0pXkG1ZupN-moKLyUlhXL25U0Bk74FVTSb1mnW1gwWpoB_JGQD3w-CO8iTjzW6xd6soK1JvCPSett3C5d6UJOxuUQ0qVJVReX0J67mCpzKsmE2MPULJamOSfQVSFp6_2qge49Ie8wUj2tba4LfMYAwmX3mpqfdpznsTUwt5FTomEJ5zeyEMGckdttyonQjyHL3Hib5Uh-vn9Dzdn5016uptCbiQsuMAb3Yl_iGjJa7r-BOjJMJ6uAYfCcnUjV0KthWSUmKgVOqAlAYYb0j719BOu59i1gI4dTw4yq3apk0oAjiRs8_3gD3oqlFdjjx7wGiQat0TloeIY7rH-AzR4n8wdvFb4iAdJQw2WYjXQQgNTYKGPyE0AGPJC-OS79Q6ts9YbzFYV0M1_9Wd0_syEsw2vVHJBdwRx1RXXV5OgVNb3a85hH9HAjF3oR_tsIayvV5zJs4SqYzI1hShkNVKtOLshYniRwcC2CkmW3Cp86b1Sp3YHfl6l3ZsShoG1Zn1VxS-lVVeaqWYg1jitHbqVCKohjyspQXTC58E7lZhz2oV8yGEXcntARxYp9aEHHLxrt-7dRHLJAGVK1RmcD1aChOMyIdwpAxesoAATj4VJk--bJ5A7XZeDKenZix29nfMu4D0XDraZFDC2xH7JNNNOicu-fbASk1Xfs-T2MvC2jidy0E6zD_XPqGh-K6Ip7ybFiXqmlt9q-oF1RcW89WszbMWUm568Zzs2QIBNTb2tzQf--SErPVTNw2WwL69XJbuEDbyNxPBoZON4mCSXAt6YuR6OvoLq184U6NaPc4e1xyqc-pu2S4cmwL-M52QUFIQnxRd6tFp4tOTlZPj6CzuTDBtP3hX8jGjvvGHi03rsNHyZ9LtcZZDSfzKc-xmvn7wgdaN8VqE3A2BLSAXIsotyqyjCTeBdem7HDPlPnAsyqDGl-_-Jvil8VtlSX_kyiFzHgmJAa2AmNcdP8q0bxdgNI3bJw3RlIIpdK98Z16CV84N3TjjOeiYH7mEsqk26I97BKv8ODk922iiD_1LGVf4JSoU7KYRTy2toGdPz3I9Ds0rJe3yu-07dPvjwebj4ZrtsuxKjirLnPBm1jcU3nG88RAGM2b1M2QIa8jxIfeaCrEJep0m9mY4tyrtmunW2nBAy3C4Gw5UWmu9632U71HYosbPArO3CjzpOG3koZngArirDN7dBBHh14H_pBTIB1LbtlHutmzWtzarCiaOeKYJ7T-LlxthBo6cfGVLXvhFaz51Y7w5IoTD12lRejZkqDUh78B232b3j_SfAbrB7zkyW7LFyBM87tadP5vpUDZC5c13m_bFWpjZZF2ntGoeCXGMNbUnIAzBZer1-i6nRdAZJRg9ovmMXtcLYXtQQHpk44XooABv6qV4I4AXlW9wGIp3tLEFbJcLrH6c1Y3XGbbA55PNd0IKQ3fuJ6l6MfOvY-9SBGTfB3UPLja61CDA266d0V3dw4PvXB_LpzBkWm0y5TCDrEfk6FFUjhDBCP--C0tRgBpjEW55VFTCZDq_6AaJ3KzicnUQRcgZJg17341fhCy5DaYV-jsAleLdhryq2XsPSYCK7wg0lshEpil9D2JoVxAyo2Kb6vboe4rseH_jEYpSIzaTUbvoIKd8C-B78BwQd7OVhCAZHYwpoFNDDH_wKPXQAxxcWQSJnicDwSGodHNBqp11ifYcWUTvboo6N13nnGKf021rN_XFYvy-tUggb0sJgZh9syhujPPGILUPLJrnY3yffTMDeBGFmdQpF6XLfYvcDe77hlWKDRmAJ0d_OMWQZhzA8NEQzmhEeRYlEeVvEElxa5yP2yyjvVDJIldVXdGPKJRJZw5gGLCYS2cPIxsiOFhYbyRTt_HZfN06xqqrN1tJIfOG-MlWNqRdlqbXOJvsCDpULtuvV73O_xU8Suk-6cJI6xsuC0meiWaQ4sLCiEfsEKV4GYEk5YS9kZBgW71CaINJGX5TE97xbD6EIvhP7EKY-IEojwNAmXraO3JPN2sVyTrNcOl6Xwf8Coe9QmvATxAvjD74OirisqFN7x5Y2VQCULrj2-cSjWt2bqXJ8y3FFYhWmi2cS2UfVJBkT7vbzFaSvV-oXszAkaJEK2v1jdv7ey597vuYWHBG4G-OzZTUuEmarQB3rmGg8JvLikiCfW4ZKyjM30QVQYCVe3_hmjx4_S00gJ0Lybnt8ii15xxM6KMDP-Xz37n2vmg196-27hfyVe4SImgG-4LN3muaN_Hf-D4GD45Rsg6_6LNeeH1e32R7mb-7-OyBnfZtKfLrtUXnxKaDjHHfA54c34ZW8oPv67TBmh4W3uBT6Gfm0AgsNSdC1jcGYoWfNnVWOy1gWx_I8j3M7Lj_u10sojwNB3FO7JY3fp6SnI9C5fN85Nwmis94CVqKMAUHfC64l0BjtH5lY9o3yA6SWWfDJOb4VVVU_HnsGXtvmJ7B25rGJ2KgG4_EmLQXdgxJ2jkdL2B1Clb_4eB-9qZnBATsuLxIUcLB1nd07vaNPGUOalWQlmp-aRhRuteneG-lyMix6E6Ej4O7h7uUzTAH3DwuJD9-2jt1KxBcxlm_TkNNKYi-j3o-nAP4AIGpDQKQEquQGtQBs0PYW8JRoIE2bz3eTECU4vv1xLqHGqTv-Gx1v2eW2uKWT_ejBhs0kH5rVkfiYRKcWImZKI20DEV71koFfd2HksR5PZQlowQa9ZEmafJIeUgVL85Aedd3tZSV72s9qx46U2hxC4eETVtWxfJDezY0lHdANj-wBYPMClLRGucPm_Rme3_X3DI3rnCWtbUWP5HxSIxZCSZ678lSeKqXRY3Ba3Dlg24jjhOLRyLnzwS_kbauZVoeHrGZhrmDd8XGjnCHdbfv9XlU6Hk4fNt1sJN2_yZHckn9G0TB-ODYAJnIH3pvNfVJ1jzpatFe-xmPE80FSKqkcumiuBJ8oDpZopCnu9nD4snwM6FnvIK_LhjyVeHQercO8jynQveGVyrEzcNzKqRFv6ErrIPNvAPFcybiUdKnqXn98d6vIKdkI_tmJF5svh8dOjrePQazvRZ72Mi__3hCuOVaPX2OyoxMaryhYVdV5bkbKAo7AUr7zTEdRm94nQwLiLvLwKBqxrRLWdHEbjWOJW4FaHe8AaGQgAEhXkaFoN96WbV6oO8neRIixVA-0pvfFgAQ&ias_dspID=3&ias_campId=26750841&ias_pubId=pub-4104491810713150&ias_chanId=1&ias_placementId=16231403734&bidurl=https://nv.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jIPd5nvdC5_Q2BQkZzqhUo&adsafe_url=https%3A%2F%2Fnv.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e4cde681-5552-d6a0-6c51-ffc78f1d08b6,c:593oWl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-78fb47c986-pfscj,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:cfrma1,nbld:0,mtim:4,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:79570c15-9576-11ec-94b8-5e5fbb84275d,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 13:27:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/ Frame 372A 25 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9647
x-xss-protection: 0
server: cafe
etag: 6462939580093197770
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 13:30:24 GMT

GET
DATA 200
OK truncated
/ Frame 372A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c18e79df5b9232d22f7736381ac8b4e818ebfccaefa65dad80cd4d53d422d372

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13657392133266294204/ Frame A69D 6 KB
2 KB 59ms
25ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13657392133266294204/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bd849485a915aca72cc26c63b5e172ce574a1c1aee7f00100765c30f2caa1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2518
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 19:31:10 GMT
expires: Wed, 22 Feb 2023 19:31:10 GMT
cache-control: public, max-age=31536000
age: 151392
last-modified: Tue, 08 Feb 2022 16:26:59 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 372A 0
524 B 126ms
61ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstItOSaM1EjbGsPMV5hr4poVE86HzhgIvcXjN3ogAW2_rpSOYW3CAn1d4reC8_zCZ32pmDCC-K7DrG2uFbhH_xXNDbDihW5M-Xwv4YdoMoAmQ1n3wXwKcK5&sai=AMfl-YSLqx_L6FdeGb3RiqTztlpIxoGJYB3rTdmsVKt853G0DTYx4F0bCi5DqdYZ3waFoSrT11j7MWMdyD65q25o7o88q-R_9FWKRtyZ02o&sig=Cg0ArKJSzJkkZJCdvd9eEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=137&cisv=r20220221.36864&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 13:34:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 view.gif
tk.conforama.fr/v/ Frame 372A 43 B
322 B 97ms
19ms Image
image/gif 15.236.149.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.conforama.fr/v/view.gif?esvid=A244&esvr=$!{random_number}&utm_medium=display_media&utm_source=N957019.3558825DV360-FRANCE&utm_campaign=fr__tf__meublant__dis__s07__2022__g123__obj1__cpm__auda__doc07chambre&wiz_campaign=fr__tf__meublant__dis__s07__2022__g123__obj1__cpm__auda__doc07&utm_content=166081807
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.236.149.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-236-149-177.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:22 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
content-length: 43
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"

GET
H2 200 view.gif
tk.conforama.fr/v/ Frame 372A 43 B
322 B 96ms
18ms Image
image/gif 15.236.149.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.conforama.fr/v/view.gif?esvid=A244&esvr=$!{random_number}&utm_medium=display_media&utm_source=N957019.3558825DV360-FRANCE&utm_campaign=fr__tf__meublant__vol__s07__2022__g123__obj1__cpvv__auda__doc07chambre&wiz_campaign=fr__tf__meublant__vol__s07__2022__g123__obj1__cpvv__auda__doc07&utm_content=166081807
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.236.149.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-236-149-177.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:22 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
content-length: 43
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 372A 43 B
215 B 98ms
98ms Image
image/gif 52.22.193.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=952859&asId=e4cde681-5552-d6a0-6c51-ffc78f1d08b6&tv=%7Bc:593p3K,pingTime:-10,time:479,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645709662500%7C%7C14c42da9d29ddb5685508261ae93b992%7C%7C920bd99aa4265c459f442b819dba176b%7C%7Ce87afab67293153db14add4001183d1e%7C%7C9a152bfed2cd52c3a257873b39a3cac2%7C%7C7f63768832d9db77ff56b31fb714439d%7C%7C38a4aaec3eeb147ca05fdab422db26c3%7C%7C2424906264825386a83e14faf4562c59%7C%7C1629390669%7D
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.193.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-193-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame A69D 186 KB
48 KB 145ms
34ms Script
text/javascript 2a02:26f0:f7::5c7b:e033
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e033 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:34:22 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Thu, 24 Feb 2022 13:49:22 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/13657392133266294204/ Frame A69D 248 KB
50 KB 27ms
26ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13657392133266294204/index.js?1643738035347

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa267807f1278b0e0d7a659f50501070cbc445cfcc0067d9b54f737c0e3ed801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 19:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51236
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:26:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 19:31:11 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 372A 43 B
215 B 99ms
98ms Image
image/gif 52.22.193.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=952859&asId=e4cde681-5552-d6a0-6c51-ffc78f1d08b6&tv=%7Bc:593p54,time:561,type:e,im:%7Bpci:%7Btdr:506%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:561,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B553~0%5D,as:%5B553~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:342,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.193.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-193-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Prod1.jpg
s0.2mdn.net/sadbundle/13657392133266294204/images/ Frame A69D 23 KB
23 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13657392133266294204/images/Prod1.jpg?1643738035338

Requested by

Host: 7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
URL: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fc914d22e2d3616483eacaa08fa02dce64432f2de79e7f91fc65666c1e4f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 19:31:12 GMT
x-content-type-options: nosniff
age: 151390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23258
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:26:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 19:31:12 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 372A 0
23 B 94ms
60ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstItOSaM1EjbGsPMV5hr4poVE86HzhgIvcXjN3ogAW2_rpSOYW3CAn1d4reC8_zCZ32pmDCC-K7DrG2uFbhH_xXNDbDihW5M-Xwv4YdoMoAmQ1n3wXwKcK5&sai=AMfl-YSLqx_L6FdeGb3RiqTztlpIxoGJYB3rTdmsVKt853G0DTYx4F0bCi5DqdYZ3waFoSrT11j7MWMdyD65q25o7o88q-R_9FWKRtyZ02o&sig=Cg0ArKJSzJkkZJCdvd9eEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=381&vt=11&dtpt=242&dett=3&cstd=137&cisv=r20220221.36864&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 13:34:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Prod2.jpg
s0.2mdn.net/sadbundle/13657392133266294204/images/ Frame A69D 22 KB
22 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13657392133266294204/images/Prod2.jpg?1643738035338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3569571adfa6ea541b53d68d4e9ff538077f6ffa16a2e6daea9ef5916560ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 19:31:12 GMT
x-content-type-options: nosniff
age: 151390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22574
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:26:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 19:31:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 372A 43 B
215 B 99ms
99ms Image
image/gif 52.22.193.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=952859&asId=e4cde681-5552-d6a0-6c51-ffc78f1d08b6&tv=%7Bc:593p7W,time:739,type:e,im:%7BpLoad:707%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:739,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B731~0%5D,as:%5B731~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:101,fm:sYmG1I9+11%7C12%7C13%7C14*.952859-60854783%7C141%7C142,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.193.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-193-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 13:34:22 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Prod3.jpg
s0.2mdn.net/sadbundle/13657392133266294204/images/ Frame A69D 33 KB
33 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13657392133266294204/images/Prod3.jpg?1643738035338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29fbcae8d803c4b40bbc5217f39fa1a406e326996d59696f959a910f4cb6790c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 19:31:13 GMT
x-content-type-options: nosniff
age: 151389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34238
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:26:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 19:31:13 GMT

GET
H3 200 Prod4.jpg
s0.2mdn.net/sadbundle/13657392133266294204/images/ Frame A69D 23 KB
23 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13657392133266294204/images/Prod4.jpg?1643738035338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53a438f8add46f6a5fe5357b35688d9aa681b6c34294260c9e9c496cb4a4832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13657392133266294204/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 19:31:13 GMT
x-content-type-options: nosniff
age: 151389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23247
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:26:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 19:31:13 GMT

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 09:53:05	Name: FTID Value: 1Y5ubg35aJ8G1Y5ubg001Lbm
.nv.ua/	1970-01-20 03:18:05	Name: _gcl_au Value: 1.1.1658093954.1645709661
.yadro.ru/	1970-01-20 09:53:05	Name: VID Value: 0j_Aiz1fPLOG1Y5ubg001Lg7
.nv.ua/	1970-01-20 10:37:17	Name: __gfp_64b Value: 3wjL1UiwfTMdn_F_w2WFEkW7eNx3asPrBMgw.rHZVsr.h7\|1645709660
.nv.ua/	1970-01-20 18:39:41	Name: _ga_52RSPD3WMK Value: GS1.1.1645709660.1.0.1645709660.0
.hit.gemius.pl/	1970-01-20 01:18:34	Name: Gtest Value: KlSgAMaGQMQGvfL0l01BpaaissGMXP8c25nSGFtZvGnBXBG.
.nv.ua/	1970-01-20 18:39:41	Name: _ga Value: GA1.2.567991377.1645709661
.nv.ua/	1970-01-20 01:09:56	Name: _gid Value: GA1.2.1102938487.1645709661
.nv.ua/	1970-01-20 01:08:29	Name: _dc_gtm_UA-51943557-1 Value: 1
.hit.gemius.pl/	1970-01-20 10:37:17	Name: Gdyn Value: KlGNeRMGQMQGvfL0l01BpaaissGMXP8c25nSGFtZvGnBFRxSG7RrGS6GNolBFlMMYH7hRjBGqSRxSG8.
.nv.ua/	1970-01-20 10:30:05	Name: __gads Value: ID=b3e6510addf53e9e-22de725e4ccd0068:T=1645709660:S=ALNI_MZmMeOtZEozixJOYpFMY1xdp0dB3Q
.doubleclick.net/	1970-01-20 10:30:05	Name: IDE Value: AHWqTUmj9MqroU-AACQ8Jp1bR9yOALB6vaTLlo4hSLpdBkKCwi_gPX565qRnPZgVa4A
.adnxs.com/	1970-01-20 03:18:05	Name: uuid2 Value: 1345921304116585498
.casalemedia.com/	1970-01-20 03:18:05	Name: CMPS Value: 1216
.adnxs.com/	1970-01-20 03:18:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU$q*6Wp!]tbPl1M>e)ZlrFUfJ+tGXxpC9((%8<_Cb!<u_Q=<SajeTyxaPYvpj]uIr.=3If)y3KL9D3I?+6mE5'Q
.casalemedia.com/	1970-01-20 01:09:56	Name: CMST Value: YheJXWIXiV0A
.casalemedia.com/	1970-01-20 09:54:05	Name: CMID Value: YheJXZQ2h-8y7BKKtflpngAA
.casalemedia.com/	1970-01-20 03:18:05	Name: CMPRO Value: 1176
.casalemedia.com/	1970-01-20 09:54:05	Name: CMRUM3 Value: 2d6217895d2760CAESEA4Za_LUFGsoT_Hd7nyPjLw
tk.conforama.fr/	1970-01-20 09:54:05	Name: uid Value: rB8A0mIXiV68VwJHuuS+Ag==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://nv.ua/ Message: The resource https://nv.ua/fonts/nvua-icons.woff2?02836d3970fb4d607aad597e0eff230e was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7fbe15b45b267df51de1a216b2c3272b.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
bid.g.doubleclick.net
cm.g.doubleclick.net
code.createjs.com
counter.yadro.ru
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.weserv.nl
ls.hit.gemius.pl
nv.ua
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.nv.ua
stats.g.doubleclick.net
tk.conforama.fr
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
141.95.64.123
142.250.181.226
142.250.186.98
146.59.30.108
15.236.149.177
216.58.212.130
2600:9000:224a:2000:8:48e:53c0:93a1
2606:4700:3032::6815:4f5f
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2001
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a02:26f0:f7::5c7b:e033
37.252.172.36
44.235.179.16
52.22.193.24
54.37.238.28
72.247.225.98
74.125.140.154
88.212.201.198
011c5b161f01f755e472499a0d1bdb41dc61cc6b1c692b619912e83a75123175
05fc914d22e2d3616483eacaa08fa02dce64432f2de79e7f91fc65666c1e4f76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be818c7297ada14488ab6e8136a0baa769ef214ad2beb3679af97271e660c42
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0f50537bd67dcd3f340254ddb4fb79bddc06d2fc1d107b93f81b97b951ffca08
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ac6090640ad0b4a09f3588c838aad6ccb836b594468c5d42601d6a76044ab6
1685cb58ad7de40415d4bfdc156133febe1c4fe5220706624a7348b3514a80cb
1c505c0bc7f989b3fb928ab9db2062c75a9718ee7a7dcdfd33fd94b433ec939c
20ae1fc3d19c3444c04a53af3d76cb2ea1845cb8b657400aa589427b46b47a56
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
275fed66a144ba70e5290629ee122bd0016a89410b1dadc604c2daa395443443
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2941793735d18273074e2f58e0476f9deac20d00e198c6680876dd15be94a880
29fbcae8d803c4b40bbc5217f39fa1a406e326996d59696f959a910f4cb6790c
2bfcfbe51c422241c10ca62e56f655d4224653f75cc137f868e8df16852b9716
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3350916ca0d5c6282c7f5e5402bc6528d1520a8c0b311ec283f8be78b1254107
33bb69dbe53ecb529fe335613ed5ed2160f22af3b4f37a4afb81626eac3efa58
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3e74aedec4ed908c9ce4b065f7ce3c957878634f996cbab91f493a96c397666c
40a64ceaca9fd3dc758fefce5cb6109106675bd34cb4a9fa652499d92ca454cd
4457b5354c13990d3e20d6d958bde6b43c44c4410d7468c1fc6bdbfd5824c29d
44e03086f26e3cc0aab1f0c1ca9d8692d0d524e67569800adda407edc2347345
46f2a7163b7e8122a448f185ca97749eb8b7f85b26f37ad488b88637e946ac73
4ab8a7bd40d04ba676bae7eafbe5af25842f8da40395a928a70caefd2f120ae1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf89cff6a2d79b3a62efd7085592a218ff2c8606f42a5c0c26034f499008b10
4c2c35cfef642ef466e7fe702ab3d5149a7233198de73aff29f4d944adbcc2af
4e277e2307545b2af9e4f500d731db0ed93c2162f0ecb0b32185d3f9448ba0ed
4e8ee3f64944a1c93d4551089088e8095b261473cc4d0543936130207f4a3dbf
5003be8fb61f72d449fec505923ff5c4117b3a48907416f35c07fe2cee25aa7e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e33063a185d3f81eeb953b5a805f8f4f2ac6efe74dbfbd0383f950c060f9bd
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
57138792f0f9723e0ac85492f8e60f31af475480e29165903966d946c486f3c2
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
589f965a1e965ad87e58357fe254c86efaad955f67e31803f7529179455e805f
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c5b2698a3195477d54ca1e022409fdcffbdf1b049e6213bf94efe0a598c64e
6561b20d9ec37a59408d35be0f1240c1eb9280c1f8b3dd6b3ff5a25bafcaa8b6
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6bd6920c2c37b57eddcf02fdd098052ab8e9e91fead33244e6dccaa6d9ebf6a3
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9
7794c62b26259102c72ee987968b14315d3007d5d647c056bafc214746d352b8
7e354744cbca727150166cda7836229f74f9878b90a18fb425f12db5f6ef2f72
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8bd849485a915aca72cc26c63b5e172ce574a1c1aee7f00100765c30f2caa1e1
912c59a0f6935c6c471a0a7e1899f54df0ba63d3209981868c127d2e476ba977
936f9f2ee832f295a790828dd9551270607e8cbbb343074e7bb8b6b03a285285
945106e2d0aa7a20278e35d205f8d25c4eef1205f1f8e42b4c45131c89111642
95ca2be93c5ad766a8a83ed2c78ba3e6f8e695d35d8a6317f5c0d03f9949b29d
95d02ce1841e247d758b29522d6eeac9ecd1ff2d319fe84342d549836126f25a
9a3569571adfa6ea541b53d68d4e9ff538077f6ffa16a2e6daea9ef5916560ed
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a33c2e741941948e5422c6274f1f1844b308f923cf123e3f02a4c28ca40713b1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa19dbe9a9955e52aa4ea95c727dfcd38a8df4bfe7422223dd78a9acc2bfb43d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53a438f8add46f6a5fe5357b35688d9aa681b6c34294260c9e9c496cb4a4832
badfe630d96a38456591cacf9be541b00b26a1c0917e565509b32c8976002c47
c18e79df5b9232d22f7736381ac8b4e818ebfccaefa65dad80cd4d53d422d372
c5f87b54af5403c21d653727fb5fe8e0e2b8c6053507e91b158e4956e4d3c89f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08c4470654d3ae0d80d84cb71325fe88b72913f65542f9068170c569be95be5
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d596968fef8e48cfd9193d24eb9324725dc84ba68ff231da4ad7b18f263c4b69
d7499826f2749f15747fd54911084ee5e9ffab3787fdc35dbad01525039c6dae
da6c3bfa55f104364e1b6cc0f124d569d96708ef57ebc99f1b975f2c1ba78ac0
dc360f3b6cbaace99357e80360f12cda3b908394a6522de051b92a187f9f2ad9
df6b45679cddc62b164f1c2aec34a49a0431a283fcb3f8a0badbd03b21baddc2
e0fb8d50a728d4fb13bebef0b4f9f43a69596aadbaf06ec6729cfb1e3cfd7aad
e18aee161952050e4198c2e4872c6a8d5a45a05a060b1daf23ad34ca11450c4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2f168da98bc477383de98bee3c89ece88fb9ca745630ae0b5af8c288a5193d
ef0b9bd94fa0434d2cdc16382ed2000bbd26a85efc001363c233cf3ef997f360
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6974907cb75c804094b8dfc76e0c4ed59d4b8bf0f982e4a5815d83eb561c672
f7cdef99c23020b36e5eee53c6b0a85e5747e35bbf00f086767c70e660622980
f97aa6f7cfcf30bd74d3f00da415ef44dde1ad1177efee0ac4aa641d116bb9b7
fa267807f1278b0e0d7a659f50501070cbc445cfcc0067d9b54f737c0e3ed801
facbebb23aa8731e6a2de2722c4d5b9c6804103b56aa487dcff157be26a410c0
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fbf97333e5082f2ee25f4c4859e28e688db8cc1ecaca5328e9181c5f346e6885
ff22a864e99d704d08ccb4b558749f04dd5870f1f43e11057604735ab45411c5

nv.ua Open in urlscan Pro 141.95.64.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

94 %HTTPS

55 %IPv6

17 Domains

30 Subdomains

30 IPs

5 Countries

2473 kBTransfer

4328 kBSize

20 Cookies

108 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nv.ua Open in urlscan Pro
141.95.64.123 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

94 %
HTTPS

55 %
IPv6

17
Domains

30
Subdomains

30
IPs

5
Countries

2473 kB
Transfer

4328 kB
Size

20
Cookies

118 HTTP transactions
1 data transactions