ukrrudprom.ua Open in urlscan Pro
104.22.54.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee...
Submission: On March 26 via api (March 26th 2025, 5:21:26 pm UTC) from UA — Scanned from PL

Summary HTTP 81 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 14 domains to perform 81 HTTP transactions. The main IP is 104.22.54.181, located in and belongs to CLOUDFLARENET, US. The main domain is ukrrudprom.ua.
TLS certificate: Issued by WE1 on January 27th 2025. Valid for: 3 months.

This is the only time ukrrudprom.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	104.22.54.181 104.22.54.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.139.255.28 94.139.255.28	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
1	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	142.250.181.195 142.250.181.195	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
5	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
4	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
4	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
5	142.132.138.212 142.132.138.212	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS LLC "Caprate Partners")
1 2	142.132.138.214 142.132.138.214	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 2	54.37.238.28 54.37.238.28	16276 (OVH OVH SAS) (OVH OVH SAS)
81	18

43 104.22.54.181 (None, )

ASN13335 (CLOUDFLARENET, US)

ukrrudprom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
test.ukrrudprom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.139.255.28 (Asbest, Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.195 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s21-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.132.138.212 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.212.138.132.142.clients.your-server.de

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS LLC "Caprate Partners", UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.132.138.214 (Falkenstein, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.214.138.132.142.clients.your-server.de

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ip28.ip-54-37-238.eu

ua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	ukrrudprom.ua ukrrudprom.ua test.ukrrudprom.ua	83 KB
7	acint.net 1 redirects www.acint.net — Cisco Umbrella Rank: 20431	24 KB
6	gstatic.com csi.gstatic.com fonts.gstatic.com	82 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 130 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 754	209 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 118	196 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 117
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2478 ssl.google-analytics.com — Cisco Umbrella Rank: 1077	18 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 201	77 KB
2	gemius.pl 1 redirects ua.hit.gemius.pl — Cisco Umbrella Rank: 846373	1 KB
1	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 419567	720 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	121 KB
1	rambler.ru counter.rambler.ru — Cisco Umbrella Rank: 185161	381 B
0	consensu.org Failed quantcast.mgr.consensu.org Failed
81	14

	Domain	Requested by
24	ukrrudprom.ua	ukrrudprom.ua
19	test.ukrrudprom.ua	ukrrudprom.ua
7	www.acint.net	1 redirects ukrrudprom.ua www.acint.net
5	pagead2.googlesyndication.com	ukrrudprom.ua pagead2.googlesyndication.com
4	fonts.gstatic.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	www.facebook.com	connect.facebook.net
3	connect.facebook.net	ukrrudprom.ua connect.facebook.net
2	ua.hit.gemius.pl	1 redirects
2	ssl.google-analytics.com	ukrrudprom.ua
2	csi.gstatic.com	ukrrudprom.ua
2	apis.google.com	ukrrudprom.ua apis.google.com
1	c.bigmir.net
1	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ukrrudprom.ua
1	counter.rambler.ru	ukrrudprom.ua
0	quantcast.mgr.consensu.org Failed	ukrrudprom.ua
81	18

This site contains links to these domains. Also see Links.

Domain
top100.rambler.ru
test.ukrrudprom.ua
www.facebook.com
twitter.com
www.livejournal.com
www.linkedin.com
www.ukrrudprom.com
www.compromat.ua
gopri.in.ua
balloon.casino
www.ukrrudprom.ua
www.restoran.ua
www.readmetal.com
lenty.ru
www.bigmir.net
miavia.net

Subject Issuer	Validity	Valid
ukrrudprom.ua WE1	`2025-01-27` - `2025-04-27`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-02` - `2025-06-03`	a year	crt.sh
*.google-analytics.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.apis.google.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-01-02` - `2025-04-02`	3 months	crt.sh
*.gstatic.com WR2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.google.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
upload.video.google.com WE2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.acint.net E6	`2025-03-21` - `2025-06-19`	3 months	crt.sh
c.bigmir.net R10	`2025-01-26` - `2025-04-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Frame ID: 19C70990FA975BF5E5045450A936D58A
Requests: 78 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: FFF9435A4A7A504ECDDE4F576AA6ED04
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=207337005970640&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3601bd434d9c31d6%26domain%3Dukrrudprom.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fukrrudprom.ua%252Ff602e6008ebdd223e%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&locale=ru_RU&sdk=joey&send=true&show_faces=false&width=450
Frame ID: A43A14CA9F87A573D7B111BFBBD1F9B0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=207337005970640&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc8fc4aa2dfcb31a3%26domain%3Dukrrudprom.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fukrrudprom.ua%252Ff602e6008ebdd223e%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&locale=ru_RU&migrated=1&sdk=joey&width=575
Frame ID: BA37926E5B0051F0A815F96DB93CD1DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

БЭБ завершило расследование против беглой владелицы iBox Bank Алены Дрегер-Шевцовой и ее пособниц Цыганок и Нестеровской

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

81
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

18
Subdomains

18
IPs

6
Countries

817 kB
Transfer

3061 kB
Size

99
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://top100.rambler.ru/top100/

Search URL Search Domain Scan URL

URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ck.php?oaparams=2__bannerid=1047__zoneid=14__cb=d595dd1296__oadest=https%3A%2F%2Fwww.buymeacoffee.com%2Fukrrudprom.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=http://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=http://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html+-+%D0%91%D0%AD%D0%91%20%D0%B7%D0%B0%D0%B2%D0%B5%D1%80%D1%88%D0%B8%D0%BB%D0%BE%20%D1%80%D0%B0%D1%81%D1%81%D0%BB%D0%B5%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%BE%D1%82%D0%B8%D0%B2%20%D0%B1%D0%B5%D0%B3%D0%BB%D0%BE%D0%B9%20%D0%B2%D0%BB%D0%B0%D0%B4%D0%B5%D0%BB%D0%B8%D1%86%D1%8B%20iBox%20Bank%20%D0%90%D0%BB%D0%B5%D0%BD%D1%8B%20%D0%94%D1%80%D0%B5%D0%B3%D0%B5%D1%80-%D0%A8%D0%B5%D0%B2%D1%86%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D0%B5%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D0%BD%D0%B8%D1%86%20%D0%A6%D1%8B%D0%B3%D0%B0%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%9D%D0%B5%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9

Search URL Search Domain Scan URL

URL: http://www.livejournal.com/update.bml?event=%D0%A1%D1%85%D0%B5%D0%BC%D0%B0%20%D0%BE%D0%B1%20%D0%BE%D1%82%D0%BC%D1%8B%D0%B2%D0%B0%D0%BD%D0%B8%D0%B8%205%20%D0%BC%D0%BB%D1%80%D0%B4%20%D0%B3%D1%80%D0%B8%D0%B2%D0%B5%D0%BD%20%D0%B4%D0%BB%D1%8F%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE+-+http://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&subject=%D0%91%D0%AD%D0%91%20%D0%B7%D0%B0%D0%B2%D0%B5%D1%80%D1%88%D0%B8%D0%BB%D0%BE%20%D1%80%D0%B0%D1%81%D1%81%D0%BB%D0%B5%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%BE%D1%82%D0%B8%D0%B2%20%D0%B1%D0%B5%D0%B3%D0%BB%D0%BE%D0%B9%20%D0%B2%D0%BB%D0%B0%D0%B4%D0%B5%D0%BB%D0%B8%D1%86%D1%8B%20iBox%20Bank%20%D0%90%D0%BB%D0%B5%D0%BD%D1%8B%20%D0%94%D1%80%D0%B5%D0%B3%D0%B5%D1%80-%D0%A8%D0%B5%D0%B2%D1%86%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D0%B5%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D0%BD%D0%B8%D1%86%20%D0%A6%D1%8B%D0%B3%D0%B0%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%9D%D0%B5%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?summary=%D0%A1%D1%85%D0%B5%D0%BC%D0%B0%20%D0%BE%D0%B1%20%D0%BE%D1%82%D0%BC%D1%8B%D0%B2%D0%B0%D0%BD%D0%B8%D0%B8%205%20%D0%BC%D0%BB%D1%80%D0%B4%20%D0%B3%D1%80%D0%B8%D0%B2%D0%B5%D0%BD%20%D0%B4%D0%BB%D1%8F%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&title=%D0%91%D0%AD%D0%91%20%D0%B7%D0%B0%D0%B2%D0%B5%D1%80%D1%88%D0%B8%D0%BB%D0%BE%20%D1%80%D0%B0%D1%81%D1%81%D0%BB%D0%B5%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%BE%D1%82%D0%B8%D0%B2%20%D0%B1%D0%B5%D0%B3%D0%BB%D0%BE%D0%B9%20%D0%B2%D0%BB%D0%B0%D0%B4%D0%B5%D0%BB%D0%B8%D1%86%D1%8B%20iBox%20Bank%20%D0%90%D0%BB%D0%B5%D0%BD%D1%8B%20%D0%94%D1%80%D0%B5%D0%B3%D0%B5%D1%80-%D0%A8%D0%B5%D0%B2%D1%86%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D0%B5%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D0%BD%D0%B8%D1%86%20%D0%A6%D1%8B%D0%B3%D0%B0%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%9D%D0%B5%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9&mini=true&url=http://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&source=Ukrrudprom

Search URL Search Domain Scan URL

URL: http://www.ukrrudprom.com/
Title: Укррудпром

Search URL Search Domain Scan URL

URL: http://www.compromat.ua/
Title: Компромат

Search URL Search Domain Scan URL

URL: https://gopri.in.ua/
Title: joker casino

Search URL Search Domain Scan URL

URL: http://balloon.casino/
Title: balloon.casino

Search URL Search Domain Scan URL

URL: https://www.ukrrudprom.ua/

Search URL Search Domain Scan URL

URL: https://www.restoran.ua/

Search URL Search Domain Scan URL

URL: https://www.readmetal.com/

Search URL Search Domain Scan URL

URL: https://lenty.ru/

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/
Title:

Search URL Search Domain Scan URL

URL: https://miavia.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 75

https://ua.hit.gemius.pl/_1743009680521/rexdot.gif?l=30&id=ofhAUn9Vx02HArtrffVl8ZaFDkadaGcTg85xsp6M943.I7&fr=1&fv=-&tz=-60&href=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&ref=&screen=1600x1200&col=24 HTTP 301
https://ua.hit.gemius.pl/__/_1743009680521/rexdot.gif?l=30&id=ofhAUn9Vx02HArtrffVl8ZaFDkadaGcTg85xsp6M943.I7&fr=1&fv=-&tz=-60&href=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&ref=&screen=1600x1200&col=24

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html Show response
ukrrudprom.ua/news/ 46 KB
12 KB 269ms
176ms Document
text/html 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a84141bdaec34628cf09e5137afa8c79972feeaffd823024d7f25110231869d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 926852d93bc7bf2b-WAW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Mar 2025 17:21:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-backend1-cache: EXPIRED

GET
H2 200 main.css
ukrrudprom.ua/res/css/ 21 KB
5 KB 39ms
38ms Stylesheet
text/css 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ukrrudprom.ua/res/css/main.css?v=2

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7985ee1c0f9707490504c330ba30eac3225fe1c6c57a2badbba9ab031da73514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-encoding: br
cf-bgj: minify
etag: W/"61cddbc3-7046"
age: 1232
cf-cache-status: HIT
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852da5d8cbf2b-WAW
cf-polished: origSize=28742
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: text/css
last-modified: Thu, 30 Dec 2021 16:18:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 rocket-loader.min.js Show response
ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 28ms
27ms Script
application/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67d49e82-302c"
x-content-type-options: nosniff
cf-ray: 926852da6d90bf2b-WAW
expires: Fri, 28 Mar 2025 17:21:18 GMT
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 top100.cnt
counter.rambler.ru/ 43 B
381 B 388ms
146ms Image
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to Show image

Full URL

https://counter.rambler.ru/top100.cnt?779308

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: t100-exd
content-length: 43
date: Wed, 26 Mar 2025 17:21:19 GMT
pragma: no-cache
content-type: image/gif

GET
H2 200 logo.png
ukrrudprom.ua/res/i/ 8 KB
8 KB 48ms
47ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/logo.png

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543c0e8989e38fc081eb2e5a32971647e64c07843c1531f66ef0a0be2aa24bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "61cd81ed-2939"
age: 1232
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=10553
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="logo.webp"
vary: Accept
last-modified: Thu, 30 Dec 2021 09:54:53 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852da6d95bf2b-WAW
accept-ranges: bytes
content-length: 8432
server: cloudflare

GET
H2 200 email-decode.min.js Show response
ukrrudprom.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
727 B 29ms
29ms Script
application/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ukrrudprom.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67d49e82-4d7"
x-content-type-options: nosniff
cf-ray: 926852da6d96bf2b-WAW
expires: Fri, 28 Mar 2025 17:21:18 GMT
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 soc_fb.gif
ukrrudprom.ua/res/i/ 350 B
500 B 44ms
44ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/soc_fb.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789164c5ac76ad51ec1570d4381be384a0136a69875d754bbb6f7e331a634639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "4ca2ec8e-5ac"
age: 7000
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=1452
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="soc_fb.webp"
vary: Accept
last-modified: Wed, 29 Sep 2010 07:36:46 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852da9dfebf2b-WAW
accept-ranges: bytes
content-length: 350
server: cloudflare

GET
H2 200 soc_twitter.gif
ukrrudprom.ua/res/i/ 338 B
498 B 113ms
113ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/soc_twitter.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

281d7a00b49ae37ebe634630f5cc0f583dc9e14cbe27d2f2afb02c375f97c1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "4ca2ec8f-5b8"
cf-cache-status: REVALIDATED
cf-polished: origFmt=gif, origSize=1464
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="soc_twitter.webp"
vary: Accept
last-modified: Wed, 29 Sep 2010 07:36:47 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dace5bbf2b-WAW
accept-ranges: bytes
content-length: 338
server: cloudflare

GET
H2 200 soc_lj.gif
ukrrudprom.ua/res/i/ 358 B
485 B 88ms
84ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/soc_lj.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10261dcd507dfc7f163ea11e037847ab07113b09a280747f3a1632b4adcfa0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "4ca2ec8f-596"
age: 2690
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=1430
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="soc_lj.webp"
vary: Accept
last-modified: Wed, 29 Sep 2010 07:36:47 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852db5f3ebf2b-WAW
accept-ranges: bytes
content-length: 358
server: cloudflare

GET
H2 200 soc_linkedin.gif
ukrrudprom.ua/res/i/ 324 B
474 B 38ms
37ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/soc_linkedin.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55d8c03fc956ebd16c9b26797a98233c935476029c6a5b1074409bdde01b5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "4ca2f159-5a0"
age: 7000
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=1440
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="soc_linkedin.webp"
vary: Accept
last-modified: Wed, 29 Sep 2010 07:57:13 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dbd82fbf2b-WAW
accept-ranges: bytes
content-length: 324
server: cloudflare

GET
H2 200 captcha.php
ukrrudprom.ua/engine/core/controllers/ 3 KB
3 KB 68ms
66ms Image
image/png 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ukrrudprom.ua/engine/core/controllers/captcha.php
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2186491927d247f75dd978ad7d89e5bd60e42912ecee8eff4dc3d2eb6ab8f024

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852dc0891bf2b-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT
date: Wed, 26 Mar 2025 17:21:18 GMT
x-backend1-cache: BYPASS
content-type: image/png
server: cloudflare

GET
H2 200 urplogo.gif
ukrrudprom.ua/res/i/ 482 B
665 B 45ms
43ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/urplogo.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab33eda1456f04a8ccce3809a56d0d16a8a25f402f1f42bb0eb7ac3fd9751057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "4db92bf8-254"
age: 1213
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=596
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="urplogo.webp"
vary: Accept
last-modified: Thu, 28 Apr 2011 08:57:28 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc0894bf2b-WAW
accept-ranges: bytes
content-length: 482
server: cloudflare

GET
H2 200 RestoranUA.gif
ukrrudprom.ua/res/i/b/ 5 KB
5 KB 128ms
127ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b/RestoranUA.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65e7ed59dd916b075099ce48d07dd5d25a0d4711b1c7485fd54f30798fdbfcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "49da60cc-167a"
cf-cache-status: REVALIDATED
cf-polished: origFmt=gif, origSize=5754
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="RestoranUA.webp"
vary: Accept
last-modified: Mon, 06 Apr 2009 20:06:36 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc0896bf2b-WAW
accept-ranges: bytes
content-length: 4854
server: cloudflare

GET
H2 200 KnopkaMetal.gif
ukrrudprom.ua/res/i/b/ 2 KB
2 KB 51ms
49ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b/KnopkaMetal.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ecc3dab94edb5f3c45bcd2a1f0d54d5f447117e3f2694eb229cc6a4da2b259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "49da60cc-8e6"
age: 1232
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=2278
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="KnopkaMetal.webp"
vary: Accept
last-modified: Mon, 06 Apr 2009 20:06:36 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc0897bf2b-WAW
accept-ranges: bytes
content-length: 1638
server: cloudflare

GET
H2 200 lenty.gif
ukrrudprom.ua/res/i/b/ 864 B
985 B 141ms
139ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b/lenty.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

292f89bc9e6c0ac11bab1595b507d73b004ddc5ded62dd37a87d2d59908be722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "49da60cc-3b3"
cf-cache-status: REVALIDATED
cf-polished: origFmt=gif, origSize=947
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="lenty.webp"
vary: Accept
last-modified: Mon, 06 Apr 2009 20:06:36 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc0898bf2b-WAW
accept-ranges: bytes
content-length: 864
server: cloudflare

GET
H2 200 miavia.gif
ukrrudprom.ua/res/i/b/ 526 B
672 B 50ms
49ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b/miavia.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167c8246a6a1dfde0c6cad10abf87fb2977b84f3dc158fafd3a6a2165cb6cdca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

cf-bgj: imgq:100,h2pri
etag: "4a7ef48e-302"
age: 1232
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=770
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="miavia.webp"
vary: Accept
last-modified: Sun, 09 Aug 2009 16:08:46 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc0899bf2b-WAW
accept-ranges: bytes
content-length: 526
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 361 KB
121 KB 206ms
97ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4JK1V57QK9

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

34ca11ba0475f4e4edf69b3253f1af830a4f00b708899e92000ab8985997d72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires: Wed, 26 Mar 2025 17:21:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
content-length: 123612
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 plusone.js Show response
apis.google.com/js/ 63 KB
24 KB 189ms
65ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

f40169827e4b00e8ea4421a8fe3358494f54c2c9f120028427c0c0d52a079c10

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: gzip
etag: "c9d5ac57732cf1eb"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:21:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: text/javascript
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="gapi-team"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24163
x-xss-protection: 0
server: sffe

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.WAVnczg5bF8.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yr-sAnS10vKL2ZTcbg9w-H6c-dA/ 154 KB
53 KB 51ms
50ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.WAVnczg5bF8.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yr-sAnS10vKL2ZTcbg9w-H6c-dA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

c5ad1b5b3e052a2e422b280eda7d75a8be88992a11805bf6da5c268299403879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: gzip
age: 168000
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Tue, 24 Mar 2026 18:41:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 24 Mar 2025 18:41:18 GMT
last-modified: Tue, 04 Mar 2025 15:24:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54275
x-xss-protection: 0
server: sffe

GET
H2 200 b03.png
ukrrudprom.ua/res/i/ 540 B
690 B 44ms
44ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b03.png

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/res/css/main.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8de761cf08e1bc1d96fe58d695481a32df0a4450bd57cdf3eaec82d4ce34c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/res/css/main.css?v=2

Response headers

cf-bgj: imgq:100,h2pri
etag: "4a88541e-343"
age: 6702
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=835
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="b03.webp"
vary: Accept
last-modified: Sun, 16 Aug 2009 18:46:54 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc089abf2b-WAW
accept-ranges: bytes
content-length: 540
server: cloudflare

GET
H2 200 b04.png
ukrrudprom.ua/res/i/ 824 B
981 B 127ms
127ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b04.png

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/res/css/main.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff93bbbec8cd1a6fdfee743e6e54fc115721f9ec720cc92d6f6554b1a5e2ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/res/css/main.css?v=2

Response headers

cf-bgj: imgq:100,h2pri
etag: "4a88541f-442"
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1090
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="b04.webp"
vary: Accept
last-modified: Sun, 16 Aug 2009 18:46:55 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc089bbf2b-WAW
accept-ranges: bytes
content-length: 824
server: cloudflare

GET
H2 200 b17.gif
ukrrudprom.ua/res/i/ 52 B
198 B 63ms
62ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b17.gif

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/res/css/main.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed2e56e8e396102929cc70bd83325b67edb401f92a2be33653c4b4e688775fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/res/css/main.css?v=2

Response headers

cf-bgj: imgq:100,h2pri
etag: "4a885429-53"
age: 1177
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=83
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="b17.webp"
vary: Accept
last-modified: Sun, 16 Aug 2009 18:47:05 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc28b5bf2b-WAW
accept-ranges: bytes
content-length: 52
server: cloudflare

GET
H2 200 b13.png
ukrrudprom.ua/res/i/ 376 B
561 B 62ms
61ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b13.png

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/res/css/main.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76cf919932e050628941abf4d3e020b86ba069a0bac451f9bd4b3505dd860af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/res/css/main.css?v=2

Response headers

cf-bgj: imgq:100,h2pri
etag: "4a885426-22d"
age: 2508
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=557
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="b13.webp"
vary: Accept
last-modified: Sun, 16 Aug 2009 18:47:02 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc28bbbf2b-WAW
accept-ranges: bytes
content-length: 376
server: cloudflare

GET
H2 200 b07.png
ukrrudprom.ua/res/i/ 355 B
624 B 144ms
144ms Image
image/png 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b07.png

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/res/css/main.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a921539909c7303ebc50299885f43f57ed5c482b3f7c336d0f3c19cd8d1be319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/res/css/main.css?v=2

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: MISS
etag: "4a885423-163"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc38cabf2b-WAW
accept-ranges: bytes
content-length: 355
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/png
last-modified: Sun, 16 Aug 2009 18:46:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 b16.png
ukrrudprom.ua/res/i/ 290 B
400 B 168ms
168ms Image
image/png 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b16.png

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/res/css/main.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2f9cd9d0e892f8dffb4d8ed8f69bd56e18db157c912267ad1d8d5ff16e1e9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/res/css/main.css?v=2

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: MISS
etag: "4a885428-122"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc38cdbf2b-WAW
accept-ranges: bytes
content-length: 290
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/png
last-modified: Sun, 16 Aug 2009 18:47:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 b14.png
ukrrudprom.ua/res/i/ 152 B
330 B 67ms
67ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ukrrudprom.ua/res/i/b14.png

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/res/css/main.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70db78166d1bcc9f70868fb112ebbfc077223879e91771baf98d4341b3ae193d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/res/css/main.css?v=2

Response headers

cf-bgj: imgq:100,h2pri
etag: "4a885427-117"
age: 5766
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=279
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: image/webp
content-disposition: inline; filename="b14.webp"
vary: Accept
last-modified: Sun, 16 Aug 2009 18:47:03 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc38d1bf2b-WAW
accept-ranges: bytes
content-length: 152
server: cloudflare

GET
H2 200 xgemius.js Show response
ukrrudprom.ua/res/js/ 6 KB
1 KB 56ms
55ms Script
application/x-javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ukrrudprom.ua/res/js/xgemius.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e95a31a7b1870d9b75b17f25a5e83a662116dfbeb78e9dfcd2419829aea2ac28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4ab9201a-1640"
age: 1250
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dc38d3bf2b-WAW
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: application/x-javascript
last-modified: Tue, 22 Sep 2009 19:06:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 83ms
41ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

aadb8512dd233ab5bf3c62dfb6c79bd9b0cc6919048aad14c480233e29617bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-md5: Bo41Qegfohpl5eV7jJRqMA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "c04b94c4887e8de9dc82774d0bcbd70b"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:37:30 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 9dd1625fb8eea05aeeba182b57327b1e
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=8425, tp=14, tpl=0, uplat=1, ullat=-1
x-fb-debug: epjotFebq3L0vM5492i/mL1UKGRz5VwH610ls4INiwTKWx0/DGloWn+lBBeQiITbvI0jeqwPhQaZ+DTD5iSSVQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H3 200 all.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 81ms
39ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

2456719a19fde8965502600764223222f26621263fe86cc97c45baede4569969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-md5: Kf4GRQZUTE6LHwBuCwJjQQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "cc358240750a0b7a26b4917df38fb4eb"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:38:18 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 26 Mar 2025 17:21:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: f0a544737372621c20cc94c466b67b74
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4649, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug: Mz+49Y+ITsDPf3A2fwO0KntElz9RKfzA9FiQsL+tEQdsPvHB6ntkDHr/40UpjYCIM2gRj0aYYkxVbVavRR3U/A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H2 204 csi
csi.gstatic.com/ 0
525 B 270ms
135ms Image
image/gif 142.250.181.195
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_global&action=global&it=blt.0,psi.1&srt=270&tbsrt=626&tran=15&p=s&npn=1&npnv=h2&e=abc_l0,abc_m0,abc_u0&rt=
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ham02s21-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 204 csi
csi.gstatic.com/ 0
48 B 271ms
136ms Image
image/gif 142.250.181.195
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_module&action=plusone&it=mli.80,mei.6&tran=15&p=s&npn=1&npnv=h2&e=abc_l0,abc_m0,abc_pplusone,abc_u0&rt=
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ham02s21-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 177ms
62ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4JK1V57QK9&gtm=45je53p4h2v9116713464za200&_p=1743009678490&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062~102926327&cid=1806830474.1743009679&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1743009679&sct=1&seg=0&dl=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&dt=%D0%91%D0%AD%D0%91%20%D0%B7%D0%B0%D0%B2%D0%B5%D1%80%D1%88%D0%B8%D0%BB%D0%BE%20%D1%80%D0%B0%D1%81%D1%81%D0%BB%D0%B5%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%BE%D1%82%D0%B8%D0%B2%20%D0%B1%D0%B5%D0%B3%D0%BB%D0%BE%D0%B9%20%D0%B2%D0%BB%D0%B0%D0%B4%D0%B5%D0%BB%D0%B8%D1%86%D1%8B%20iBox%20Bank%20%D0%90%D0%BB%D0%B5%D0%BD%D1%8B%20%D0%94%D1%80%D0%B5%D0%B3%D0%B5%D1%80-%D0%A8%D0%B5%D0%B2%D1%86%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D0%B5%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D0%BD%D0%B8%D1%86%20%D0%A6%D1%8B%D0%B3%D0%B0%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%9D%D0%B5%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4JK1V57QK9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to: {"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ukrrudprom.ua
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:87:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 963 B
820 B 158ms
138ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=14&cb=30110935231&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c7d8bb53e8680fc5d98e706b4c0062fc9c48bc40678e0e9fedae8e80328514

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852de9ccebf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 favicon.ico
ukrrudprom.ua/ 3 KB
1 KB 159ms
159ms Other
image/x-icon 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ukrrudprom.ua/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af962050c9a4226661fd547825112755efb99c10a510cdc88f197f5c1cea5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html

Response headers

strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"4ae9e829-cbe"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852dedd68bf2b-WAW
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: image/x-icon
last-modified: Thu, 29 Oct 2009 19:08:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 1 KB
731 B 111ms
111ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=9&cb=98067943819&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528c533b0ea1fc21cf7cdeeb7d13bd76b2a5f78d364dd0fbbf34bc95b15ec2df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852df9e8fbf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 b8a1a97f63b4d4bcf5d30031ea821ad6.gif
test.ukrrudprom.ua/components/openx/www/images/ 23 KB
23 KB 38ms
38ms Image
image/webp 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://test.ukrrudprom.ua/components/openx/www/images/b8a1a97f63b4d4bcf5d30031ea821ad6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fe076f23607e8a7befae4777ddfa5f6847e96d2f2b61476c23cc57c3cf4bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6576b867-1f8b9"
age: 7025
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=129209
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: image/webp
content-disposition: inline; filename="b8a1a97f63b4d4bcf5d30031ea821ad6.webp"
vary: Accept
last-modified: Mon, 11 Dec 2023 07:21:11 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
cf-ray: 926852df9e8cbf2b-WAW
accept-ranges: bytes
content-length: 23270
server: cloudflare

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
108 B 110ms
110ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=1047&campaignid=52&zoneid=14&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=d595dd1296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852df9e8ebf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 116ms
62ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

46dcbfa0b71db501e5163e45462f11fc1dc449531b191d790c416ae53245ec57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: br
etag: 1437330475913525692
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:21:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53140
x-xss-protection: 0
server: cafe

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
108 B 68ms
67ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=1034&campaignid=39&zoneid=9&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=2758359506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e05f9ebf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H3 200 all.js Show response
connect.facebook.net/ru_RU/ 252 KB
73 KB 44ms
43ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=20059df2c7a7d6f41fc26c774f037cb6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

681da4222e6c745640ca51725a633c1941a4ae10d889e8a73a25a393bf831b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://ukrrudprom.ua
Referer: https://ukrrudprom.ua/

Response headers

content-md5: dkfNm8r41O+QZoAq9pot4A==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "cf5ec57ef8455937e472d736c515f3bc"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 26 Mar 2026 16:42:45 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: d78b078d74e21acb887e6b934bd26fd8
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1965, tp=5, tpl=0, uplat=1, ullat=-1
x-fb-debug: Vc9/2AO8TFlTFhSmMPa2fTE5Gr/71VDsGFlGQAa8MketmrG7GkA9DmtxzbgknEj9BumkiPlQb022v3FmHr4GNw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 75052
origin-agent-cluster: ?1

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 1 KB
673 B 129ms
129ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=10&cb=12865002032&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e017e527bbf0759b6d3658476a53ddfafcaa937c8c600051f85d4a859cb975

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e09ff6bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 188ms
146ms Fetch
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=207337005970640&input_token&origin=1&redirect_uri=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=20059df2c7a7d6f41fc26c774f037cb6

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

access-control-expose-headers: fb-s
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7486169568956644557&cpp=C3&cv=1021273314&st=1743009679644"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: text/plain; charset=UTF-8
x-fb-debug: G1rJo/oaxorm4FnyRmXGWItxq9zPvJ9UMnZkgjm/DyBicJ5vr3oT/HOboDMBQuDnl9kyhPghLGiaesvZ9EZadA==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7486169568956644557&cpp=C3&cv=1021273314&st=1743009679644", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control: private, no-cache, no-store, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4602, tp=9, tpl=0, uplat=107, ullat=0
pragma: no-cache
fb-s: unknown
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://ukrrudprom.ua
content-length: 0
origin-agent-cluster: ?1

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 572 B
458 B 66ms
66ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=17&cb=1798739449&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f78471986688f83cf212e8b9a9c7493838894d1148a396a9f4dfb1205fd0126

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e128e5bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
100 B 129ms
129ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=1034&campaignid=39&zoneid=10&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=bd09eb91cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e128e7bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/ 430 KB
144 KB 84ms
84ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3129371210207210&plah=ukrrudprom.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

d6eb36415f01079c615e614704392ce33ba56244cdfec95f21e5e468d10b3b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: br
etag: 6561218083172537288
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:21:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147027
x-xss-protection: 0
server: cafe

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 1 KB
674 B 131ms
130ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=12&cb=98279226959&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee534d5e2ae5dc474de0ab46b0e2158befdab56ccbfc99d200ba26054dc42846

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e1fa36bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
100 B 67ms
67ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=17&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=d615334443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e1fa3abf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H2 200 ca-pub-3129371210207210 Show response
fundingchoicesmessages.google.com/i/ 196 KB
64 KB 194ms
82ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3129371210207210?href=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3129371210207210&plah=ukrrudprom.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

41bc52f53d3c4eb47c610947963dccf94c22681587dee91edb6458f71dc1e2a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zhdz8w2U-d96pwWIF3V5hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjctDikmJw1JBiOHHrNtMFIG69eY51OhAbrT3P6gLEhgqXWJ2B-P66S6zPgfhD_WXWH0BcJHGFtQWIhXg4-t9P2M8msGDqnw3MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRqYGxkbGegZm8QWGADquMPA"
content-security-policy: script-src 'report-sample' 'nonce-Zhdz8w2U-d96pwWIF3V5hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
0 0ms
0ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

46dcbfa0b71db501e5163e45462f11fc1dc449531b191d790c416ae53245ec57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: br
etag: 1437330475913525692
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:21:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53140
x-xss-protection: 0
server: cafe

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 1 KB
673 B 60ms
60ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=13&cb=6799436568&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c30b16e80c64dc57a17dcce30a6c96eb030ace50924cc090351b243b2acb92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e2cb53bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
100 B 125ms
125ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=1033&campaignid=39&zoneid=12&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=917749c714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e2cb55bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
0 1ms
1ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

46dcbfa0b71db501e5163e45462f11fc1dc449531b191d790c416ae53245ec57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: br
etag: 1437330475913525692
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:21:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53140
x-xss-protection: 0
server: cafe

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 1 KB
674 B 81ms
80ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=8&cb=80940403669&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be463c11fddc910255d78ec1d07e78d28666be84a167d2b13317dd85d1de4f39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e39cbbbf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:19 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
200 B 143ms
142ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=1033&campaignid=39&zoneid=13&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=593e67b9ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e3dd3fbf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:20 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H2 200 AGSKWxUKUBwyrluIr4n90SWTHbXF5qSwHOHA3gdgJ03K2cpCuo6LPbdpd-FjX8cHFs2gvKQSiytwA9EjxJO9FOWEAvcNaR3EY9Na3ugVr9SSyKJIL6d8fUjYomSGp7j5D15aBApUSAGsSA== Show response
fundingchoicesmessages.google.com/f/ 437 KB
66 KB 124ms
118ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUKUBwyrluIr4n90SWTHbXF5qSwHOHA3gdgJ03K2cpCuo6LPbdpd-FjX8cHFs2gvKQSiytwA9EjxJO9FOWEAvcNaR3EY9Na3ugVr9SSyKJIL6d8fUjYomSGp7j5D15aBApUSAGsSA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQzMDA5NjgwLDIwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vdWtycnVkcHJvbS51YS9uZXdzL0JFQl96YXZlcnNoaWxvX3Jhc3NsZWRvdmFuaWVfcHJvdGl2X2JlZ2xveV92bGFkZWxpdHNpX2lCb3hfQmFua19BbGVuaV9EcmVnZXJTSGV2dHNvdm95X2lfZWVfcG9zb2JuaXRzX1RTaWdhbm9rX2lfTmVzdGVyb3Zza295Lmh0bWwiLG51bGwsW1s4LCJkYUh6ekRVd0hHUSJdLFs5LCJwbCJdLFsxOSwiMSJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTIsOTUzNDAyNTRdXSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMx8h90hVM14LjPejydGbragEXwqTw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

c6417022bcef2cafbf65371607a0fdf275e61d0150af9ae3d3d65fa7a9460495

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y4he7t-06Uvw1E30qCSpQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmLw0ZBiaL15jnUqEButPc_qBMSGCpdYHYH4_rpLrM-B-EP9ZdYfQFwkcYW1CYiFuDkmvJ-wn03gwNk7xkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkamBsZGxnoGZvEFhgDjziud"
content-security-policy: script-src 'report-sample' 'nonce-y4he7t-06Uvw1E30qCSpQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
0 0ms
0ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

46dcbfa0b71db501e5163e45462f11fc1dc449531b191d790c416ae53245ec57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: br
etag: 1437330475913525692
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:21:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 26 Mar 2025 17:21:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53140
x-xss-protection: 0
server: cafe

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 1 KB
751 B 64ms
63ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=11&cb=62344639090&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26429f25c97d28a3fe6b1cedff04186fdc262876b6a55e1bc52764d13104bcfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e47e44bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:20 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
100 B 128ms
127ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=1035&campaignid=40&zoneid=8&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=6c819bc2d9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e4cea4bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:20 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 163ms
75ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.daHzzDUwHGQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx8h90hVM14LjPejydGbragEXwqTw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

16ad219ef82c949b4a252c08d5f849d4793f3acad437febfd2211272e2517719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 17:21:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 26 Mar 2025 17:21:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 85ms
37ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://ukrrudprom.ua
Referer: https://ukrrudprom.ua/

Response headers

age: 120262
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Mar 2026 07:56:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Mar 2025 07:56:58 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 86ms
86ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://ukrrudprom.ua
Referer: https://ukrrudprom.ua/

Response headers

age: 120262
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Mar 2026 07:56:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Mar 2025 07:56:58 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 102ms
54ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://ukrrudprom.ua
Referer: https://ukrrudprom.ua/

Response headers

age: 140704
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Mar 2026 02:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Mar 2025 02:16:16 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
0 103ms
103ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://ukrrudprom.ua
Referer: https://ukrrudprom.ua/

Response headers

age: 140704
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Mar 2026 02:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Mar 2025 02:16:16 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxXZDHkooHP-4c6koAA2VIknKDXajml4QkTczTvGK9V7fVutxjoZJBj9rm-yeKZzN0Us2wH8nGXPyNxfK_0cFShWcmPaNETXJ2h-N_TVRUZkEzLO5kGu_D3-F7KnDo-OWIcg9wPuTQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 97ms
48ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZDHkooHP-4c6koAA2VIknKDXajml4QkTczTvGK9V7fVutxjoZJBj9rm-yeKZzN0Us2wH8nGXPyNxfK_0cFShWcmPaNETXJ2h-N_TVRUZkEzLO5kGu_D3-F7KnDo-OWIcg9wPuTQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pKheqdODtJ3mX6aGqNcg_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ukrrudprom.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBi-FB_mfUHEAvxcEx4P2E_m0DD3rXNjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDI1MDYyETPwDS-wAAASoMkHg"
content-security-policy: script-src 'report-sample' 'nonce-pKheqdODtJ3mX6aGqNcg_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ukrrudprom.ua
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZDHkooHP-4c6koAA2VIknKDXajml4QkTczTvGK9V7fVutxjoZJBj9rm-yeKZzN0Us2wH8nGXPyNxfK_0cFShWcmPaNETXJ2h-N_TVRUZkEzLO5kGu_D3-F7KnDo-OWIcg9wPuTQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oqOqNnKuGe76CTuaLhfN5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ukrrudprom.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBi-FB_mfUHEAvxcEx4P2E_m8CEjaebGZVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqYGxkYmegWl8gQEAVEkkQA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oqOqNnKuGe76CTuaLhfN5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ukrrudprom.ua
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 ajs.php Show response
test.ukrrudprom.ua/components/openx/www/delivery/ 7 KB
2 KB 79ms
78ms Script
text/javascript 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/ajs.php?zoneid=15&cb=47442726017&charset=UTF-8&loc=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd911237199f063000181c206e88ba7f104546dcb1c4204a1a470c0c2e0336b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e57f9dbf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:20 GMT
x-backend1-cache: BYPASS
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
100 B 102ms
102ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=1034&campaignid=39&zoneid=11&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=f9ce25eedc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e57fa3bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:20 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 0
0

GET
H2 200 aci.js Show response
www.acint.net/ 31 KB
9 KB 179ms
43ms Script
application/x-javascript 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "6710dc23-225f"
expires: Thu, 27 Mar 2025 05:21:20 GMT
content-length: 8799
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: application/x-javascript
last-modified: Thu, 17 Oct 2024 09:42:59 GMT
server: openresty

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 170ms
54ms Script
text/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ukrrudprom.ua
URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: gzip
age: 1904
report-to: {"group":"ascnsrsgac:215:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options: nosniff
expires: Wed, 26 Mar 2025 18:49:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 16:49:36 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:215:0
content-length: 17168
server: Golfe2

GET
H2 200 lg.php
test.ukrrudprom.ua/components/openx/www/delivery/ 43 B
100 B 77ms
72ms Image
image/gif 104.22.54.181
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://test.ukrrudprom.ua/components/openx/www/delivery/lg.php?bannerid=24&campaignid=6&zoneid=15&loc=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&cb=7fbad5f803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 926852e618c8bf2b-WAW
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 26 Mar 2025 17:21:20 GMT
x-backend1-cache: BYPASS
content-type: image/gif
server: cloudflare

GET
H/1.1 200
OK /
c.bigmir.net/ 465 B
720 B 195ms
44ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-A...

General

Check archive.org

Download Go to Show image

Full URL: https://c.bigmir.net/?s87430&t8&c1&d24&r1600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS LLC "Caprate Partners", UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: d7291811c5c2db17f228abfa1ad3bb2cf7e8386deee9167f5292ed06ac49cfcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: 0
Keep-Alive: timeout=5
Date: Wed, 26 Mar 2025 17:21:20 GMT
Content-Type: image/png
Server: nginx

GET
H2

200

/
www.acint.net/mc/ Frame FFF9
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

0
0

107ms
106ms

Document
text/html

142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Referer: https://ukrrudprom.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Mar 2025 17:21:20 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Wed, 26 Mar 2025 17:21:20 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2 200 oci.js Show response
www.acint.net/ 31 KB
14 KB 74ms
73ms Script
application/x-javascript 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/oci.js?t=1743009680515
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 181231e67e9ce2d4bb9333e174b708d40135419205a59ee69b5903ebb130904b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

content-encoding: gzip
date: Wed, 26 Mar 2025 17:21:20 GMT
etag: W/"641e08a5-7dac"
content-type: application/x-javascript
last-modified: Fri, 24 Mar 2023 20:31:33 GMT
server: openresty

GET
H2 200 /
www.acint.net/hit/ 43 B
339 B 72ms
72ms Image
image/gif 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.7.1&uid=80e75d8a-d9bc-4253-9658-b5277db4335f&dp=10&tz=%2B01%3A00&nc=525098&u=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&r=&rs=1600x1200&t=%D0%91%D0%AD%D0%91%20%D0%B7%D0%B0%D0%B2%D0%B5%D1%80%D1%88%D0%B8%D0%BB%D0%BE%20%D1%80%D0%B0%D1%81%D1%81%D0%BB%D0%B5%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%BE%D1%82%D0%B8%D0%B2%20%D0%B1%D0%B5%D0%B3%D0%BB%D0%BE%D0%B9%20%D0%B2%D0%BB%D0%B0%D0%B4%D0%B5%D0%BB%D0%B8%D1%86%D1%8B%20iBox%20Bank%20%D0%90%D0%BB%D0%B5%D0%BD%D1%8B%20%D0%94%D1%80%D0%B5%D0%B3%D0%B5%D1%80-%D0%A8%D0%B5%D0%B2%D1%86%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D0%B5%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D0%BD%D0%B8%D1%86%20%D0%A6%D1%8B%D0%B3%D0%B0%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%9D%D0%B5%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9&oE=1&oP=1&dT=2025-03-26T18%3A21%3A20.512&fu=2a6e8730-c61a-4a97-95dd-142685cc8b2e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
441 B 51ms
49ms Image
image/gif 142.250.186.136
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1931743267&utmhn=ukrrudprom.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=pl-pl&utmje=0&utmfl=-&utmdt=%D0%91%D0%AD%D0%91%20%D0%B7%D0%B0%D0%B2%D0%B5%D1%80%D1%88%D0%B8%D0%BB%D0%BE%20%D1%80%D0%B0%D1%81%D1%81%D0%BB%D0%B5%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%BE%D1%82%D0%B8%D0%B2%20%D0%B1%D0%B5%D0%B3%D0%BB%D0%BE%D0%B9%20%D0%B2%D0%BB%D0%B0%D0%B4%D0%B5%D0%BB%D0%B8%D1%86%D1%8B%20iBox%20Bank%20%D0%90%D0%BB%D0%B5%D0%BD%D1%8B%20%D0%94%D1%80%D0%B5%D0%B3%D0%B5%D1%80-%D0%A8%D0%B5%D0%B2%D1%86%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D0%B5%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D0%BD%D0%B8%D1%86%20%D0%A6%D1%8B%D0%B3%D0%B0%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%9D%D0%B5%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2%D1%81%D0%BA%D0%BE%D0%B9&utmhid=1639384825&utmr=-&utmp=%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&utmht=1743009680519&utmac=UA-6357829-1&utmcc=__utma%3D184204834.1806830474.1743009679.1743009681.1743009681.1%3B%2B__utmz%3D184204834.1743009681.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=56425312&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgac:169:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:169:0
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 26 Mar 2025 17:21:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
server: Golfe2

GET
H2

200

rexdot.gif
ua.hit.gemius.pl/__/_1743009680521/
Redirect Chain

https://ua.hit.gemius.pl/_1743009680521/rexdot.gif?l=30&id=ofhAUn9Vx02HArtrffVl8ZaFDkadaGcTg85xsp6M943.I7&fr=1&fv=-&tz=-60&href=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begl...
https://ua.hit.gemius.pl/__/_1743009680521/rexdot.gif?l=30&id=ofhAUn9Vx02HArtrffVl8ZaFDkadaGcTg85xsp6M943.I7&fr=1&fv=-&tz=-60&href=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_b...

43 B
450 B

79ms
79ms

Image
image/gif

54.37.238.28
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://ua.hit.gemius.pl/__/_1743009680521/rexdot.gif?l=30&id=ofhAUn9Vx02HArtrffVl8ZaFDkadaGcTg85xsp6M943.I7&fr=1&fv=-&tz=-60&href=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&ref=&screen=1600x1200&col=24
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Tue, 25 Mar 2025 17:21:20 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 43
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: image/gif
server: GHC

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
location: /__/_1743009680521/rexdot.gif?l=30&id=ofhAUn9Vx02HArtrffVl8ZaFDkadaGcTg85xsp6M943.I7&fr=1&fv=-&tz=-60&href=https%3A//ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&ref=&screen=1600x1200&col=24
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Tue, 25 Mar 2025 17:21:20 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 0
date: Wed, 26 Mar 2025 17:21:20 GMT
server: GHC

GET
H3 200 like.php
www.facebook.com/plugins/ Frame A43A 0
0 185ms
147ms Document
text/html 157.240.251.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=207337005970640&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3601bd434d9c31d6%26domain%3Dukrrudprom.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fukrrudprom.ua%252Ff602e6008ebdd223e%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&locale=ru_RU&sdk=joey&send=true&show_faces=false&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=20059df2c7a7d6f41fc26c774f037cb6

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-5iIwqk54' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukrrudprom.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-5iIwqk54' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Mar 2025 17:21:20 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7486169574155443895&cpp=C3&cv=1021273314&st=1743009680718"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7486169574155443895&cpp=C3&cv=1021273314&st=1743009680718"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=7047, tp=12, tpl=0, uplat=108, ullat=0
x-fb-debug: RypyJI/7ewqFMSGHl5IH4/tvBi1W3uc+j+/enSJ0QNM6zbywVZlUuyws9uEsLauoOrvnxEF/oStj8qkctZisOQ==
x-xss-protection: 0

GET
H3 200 comments.php
www.facebook.com/plugins/ Frame BA37 0
0 168ms
143ms Document
text/html 157.240.251.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/plugins/comments.php?app_id=207337005970640&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc8fc4aa2dfcb31a3%26domain%3Dukrrudprom.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fukrrudprom.ua%252Ff602e6008ebdd223e%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fukrrudprom.ua%2Fnews%2FBEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html&locale=ru_RU&migrated=1&sdk=joey&width=575

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=20059df2c7a7d6f41fc26c774f037cb6

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-TPBrjGiA' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ukrrudprom.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-TPBrjGiA' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Mar 2025 17:21:20 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7486169573538360175&cpp=C3&cv=1021273314&st=1743009680715"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7486169573538360175&cpp=C3&cv=1021273314&st=1743009680715"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4647, tp=10, tpl=0, uplat=104, ullat=0
x-fb-debug: NUiF7zeVxrH6KJyT/9169lCG+TO0S2pa3Zj1XyKZ/Aojn49OIZp2aPGjjRqM/wsANoSp/yFx60p0/VSCeuc6JA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 42ms
42ms Image
image/gif 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.7.1&uid=80e75d8a-d9bc-4253-9658-b5277db4335f&dp=10&tz=%2B01%3A00&nc=092290&oid=d259b658b79d3bb5c5d9a39b551766c2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Wed, 26 Mar 2025 17:21:20 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 60ms
55ms Image
image/gif 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.7.1&uid=80e75d8a-d9bc-4253-9658-b5277db4335f&dp=10&tz=%2B01%3A00&nc=583524&dT=2025-03-26T18%3A21%3A23.515
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://ukrrudprom.ua/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Wed, 26 Mar 2025 17:21:23 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kimberlite.io/rtb/sync	1970-01-21 04:10:09	Name: f Value: https%3A%2F%2Fwww.acint.net%2Frmatch%3Fdp%3D243%26euid%3DZ-Q3k-FC8vQ%26r%3Dhttps%253A%252F%252Facint.net%252Fcmatch%253Fdp%253D243
kimberlite.io/rtb/sync	1970-01-21 04:10:09	Name: n Value: 1
ukrrudprom.ua/news	1969-12-31 23:59:59	Name: b Value: b
kimberlite.io/rtb	1970-01-21 04:20:14	Name: da Value: KLqvcgAAAAE
ukrrudprom.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: a65fe4883e453e3cb6b892cc32c60cdb
.ukrrudprom.ua/	1970-01-21 13:46:09	Name: _ga_4JK1V57QK9 Value: GS1.1.1743009679.1.0.1743009679.0.0.0
.ukrrudprom.ua/	1970-01-21 13:46:09	Name: _ga Value: GA1.1.1806830474.1743009679
test.ukrrudprom.ua/	1969-12-31 23:59:59	Name: OAGEO Value: GB%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
test.ukrrudprom.ua/	1970-01-21 12:55:45	Name: OAID Value: b0f47364ff9bec2084322429a676d2fb
ukrrudprom.ua/	1970-01-21 13:46:09	Name: fid Value: 2a6e8730-c61a-4a97-95dd-142685cc8b2e
.ukrrudprom.ua/	1970-01-21 13:46:09	Name: __utma Value: 184204834.1806830474.1743009679.1743009681.1743009681.1
.ukrrudprom.ua/	1969-12-31 23:59:59	Name: __utmc Value: 184204834
.ukrrudprom.ua/	1970-01-21 08:32:57	Name: __utmz Value: 184204834.1743009681.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ukrrudprom.ua/	1970-01-21 04:10:10	Name: __utmt Value: 1
.ukrrudprom.ua/	1970-01-21 04:10:11	Name: __utmb Value: 184204834.1.10.1743009681
ukrrudprom.ua/	1970-01-21 13:46:09	Name: _ac_oid Value: d259b658b79d3bb5c5d9a39b551766c2%3A1743013280684
.acint.net/	1970-01-21 04:10:10	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-21 13:46:09	Name: aid Value: fwAAAmfkN5AnLiwyqKyWArTHo4TkyZD4weQiUJlt6zUWG8rR
.hit.gemius.pl/	1970-01-21 13:38:57	Name: receive-cookie-deprecation Value: 1
.hit.gemius.pl/	1970-01-21 04:20:14	Name: Gtest Value: KlQHMRGGQMQGBfRmjinfsdlUssGMXP8c2RbG
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp14v6 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp17v2 Value: 1743009680
.acint.net/	1970-01-21 04:11:36	Name: cSyncDp45v5 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp53v5 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp62v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp67v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp68v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp71v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp85v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp95v4 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp98v3 Value: 1743009680
.acint.net/	1970-01-21 04:30:19	Name: cSyncDp104v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp107v2 Value: 1743009680
.acint.net/	1970-01-21 04:31:45	Name: cSyncDp125v4 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp126v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp129v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp136v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp148v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp149v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp151v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp251v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp186v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp217v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp226v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp239v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp243v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp260v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp244v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp248v3 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp261v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp289v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp296v2 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp312v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp313v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp368v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp331v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp351v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp361v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp353v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp362v1 Value: 1743009680
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp366v1 Value: 1743009680
.hit.gemius.pl/	1970-01-21 13:38:57	Name: Gdyn Value: KlxuWRGGQMQGBfRmjinfsdlUssGMXP8c28ySssX6nsGfGnfwHb2xxjGoxcxSY8CBI8l8MG..
.hit.gemius.pl/	1970-01-21 13:38:57	Name: Gdynp Value: lx.M9jIfQcWLoVlDOlE0aFXTN4r571OIzgyCBYGgEiH.y7
.utraff.com/	1970-01-21 04:53:32	Name: preutid Value: 1
.adriver.ru/	1970-01-21 13:46:09	Name: cid Value: Aa9N4Q5mpbxCNrAu-KAkL9g
.adhigh.net/	1970-01-21 12:55:45	Name: gi_u Value: M5Tsaw9anvI.AikABlGV03kPug
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp14v4 Value: 1743009681
.otm-r.com/	1970-01-21 12:55:45	Name: mpid Value: NjdlNDM3OTEwMzliMzE3ZA==
.ssp-rtb.sape.ru/	1970-01-21 13:46:09	Name: sspuid Value: CkIEAWfkN5Gl+wHNDmmKAihDej5KLp4UbQDx7BAm1966p7x5
.rutarget.ru/	1970-01-21 08:29:21	Name: userId Value: GhnYKl-iZoIZ
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp7v3 Value: 1743009681
.betweendigital.com/	1970-01-21 12:55:45	Name: dc Value: was1
.betweendigital.com/	1970-01-21 12:55:45	Name: ss Value: 1
.buzzoola.com/	1970-01-21 04:53:21	Name: uuid Value: e6c58fd2-36b5-477d-54a2-830bc9effbac
.bidvol.com/	1970-01-21 13:46:09	Name: bvuid Value: stxm7qc353
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.acint.net/	1970-01-21 04:53:21	Name: cSyncDp241v2 Value: 1743009682
.bumlam.com/	1970-01-21 13:46:09	Name: suuid3 Value: IiRiY2YzNTk1Yy0wYTY2LTExZjAtODZlMC0wMDI1OTBjMDY0N2M*
.gonet-ads.com/	1970-01-21 12:55:45	Name: pid Value: MzkyMmIzN2ZjZjAyZGMyMA
.betweendigital.com/	1970-01-21 12:55:45	Name: tuuid Value: 427aaeb5-51d5-5355-bc59-e9ccdbbdde5e
.betweendigital.com/	1970-01-21 12:55:45	Name: ut Value: Z-Q3kgADyMDqzxwyaF_vmgg6Rm5NqJrct0z5Yw==
.agency2.ru/	1970-01-21 12:42:48	Name: uuid Value: b771f5cc-6fd3-4584-9faa-39aa6ab8e748
.yandex.ru/	1970-01-21 13:46:09	Name: yuidss Value: 8813982691743009682
.yandex.ru/	1970-01-21 13:46:09	Name: i Value: akjM4RKk7YgV8wE0QNh33owLc5A99ppRf2JDM1jZAUB5YC9+YC3/qkFoTPEij61lXm0cyz56CwRd40Xn5lFFokHIR00=
.yandex.ru/	1970-01-21 13:46:09	Name: yandexuid Value: 2063527521743009682
.yandex.ru/	1970-01-21 12:55:45	Name: yashr Value: 3197932181743009682
.yandex.ru/	1970-01-21 13:46:09	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEzNCIsICJOb3Q6QS1CcmFuZCI7dj0iMjQiLCAiR29vZ2xlIENocm9tZSI7dj0iMTM0IioCPzA6ByJMaW51eCJgku+QvwZqGdzK6YgO8qy3pQv7+vDnDev//fYPsPfPhwg=
sync.opendsp.ru/	1969-12-31 23:59:59	Name: chk Value: 1
.ohmy.bid/	1970-01-21 04:53:21	Name: uid Value: e5b90057-72f1-45f4-91f2-167ca2eebfd0.67e43792.e964243d4dadeb41
.opendsp.ru/	1970-01-21 13:46:09	Name: pid Value: NWVhMTNmOTllODFkOGIyYg
.upravel.com/	1970-01-21 04:10:09	Name: session_tptc Value: 1743009683023
.adx.com.ru/	1970-01-21 12:55:45	Name: user Value: 67e43793991c7a00016521b0
kimberlite.io/	1970-01-21 06:19:45	Name: u Value: Z-Q3k-FC8fQ~ok_6-Bvd4YPERIHvl5zrm2JXGlg
.yandex.ru/	1970-01-21 12:55:45	Name: receive-cookie-deprecation Value: 1
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.dsp.solta.io/	1970-01-21 13:46:09	Name: pid Value: NWVlZWRkMWY1NzRkY2Zh
.weborama.fr/	1970-01-21 13:36:04	Name: AFFICHE_W Value: vg6bB2ulp6i@63
.adspector.io/	1970-01-21 04:53:32	Name: preadspector Value: 1
sync.techdsp.ru/	1970-01-21 12:55:45	Name: uid Value: KETzKTZTS4qkajrkLvlWBA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://apis.google.com/js/plusone.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ukrrudprom.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://apis.google.com/js/plusone.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation	verbose	URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://ukrrudprom.ua/news/BEB_zavershilo_rassledovanie_protiv_begloy_vladelitsi_iBox_Bank_Aleni_DregerSHevtsovoy_i_ee_posobnits_TSiganok_i_Nesterovskoy.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
c.bigmir.net
connect.facebook.net
counter.rambler.ru
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
region1.google-analytics.com
ssl.google-analytics.com
test.ukrrudprom.ua
ua.hit.gemius.pl
ukrrudprom.ua
www.acint.net
www.facebook.com
www.googletagmanager.com
quantcast.mgr.consensu.org
104.22.54.181
142.132.138.212
142.132.138.214
142.250.181.195
142.250.184.227
142.250.185.168
142.250.186.106
142.250.186.110
142.250.186.136
157.240.251.35
157.240.251.9
193.239.68.97
216.239.34.36
216.58.206.34
216.58.206.46
54.37.238.28
94.139.255.28
10261dcd507dfc7f163ea11e037847ab07113b09a280747f3a1632b4adcfa0bd
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
167c8246a6a1dfde0c6cad10abf87fb2977b84f3dc158fafd3a6a2165cb6cdca
16ad219ef82c949b4a252c08d5f849d4793f3acad437febfd2211272e2517719
17e017e527bbf0759b6d3658476a53ddfafcaa937c8c600051f85d4a859cb975
181231e67e9ce2d4bb9333e174b708d40135419205a59ee69b5903ebb130904b
18ecc3dab94edb5f3c45bcd2a1f0d54d5f447117e3f2694eb229cc6a4da2b259
2186491927d247f75dd978ad7d89e5bd60e42912ecee8eff4dc3d2eb6ab8f024
2456719a19fde8965502600764223222f26621263fe86cc97c45baede4569969
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26429f25c97d28a3fe6b1cedff04186fdc262876b6a55e1bc52764d13104bcfa
281d7a00b49ae37ebe634630f5cc0f583dc9e14cbe27d2f2afb02c375f97c1d8
292f89bc9e6c0ac11bab1595b507d73b004ddc5ded62dd37a87d2d59908be722
2a8de761cf08e1bc1d96fe58d695481a32df0a4450bd57cdf3eaec82d4ce34c2
34ca11ba0475f4e4edf69b3253f1af830a4f00b708899e92000ab8985997d72d
36c30b16e80c64dc57a17dcce30a6c96eb030ace50924cc090351b243b2acb92
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f78471986688f83cf212e8b9a9c7493838894d1148a396a9f4dfb1205fd0126
41bc52f53d3c4eb47c610947963dccf94c22681587dee91edb6458f71dc1e2a5
46dcbfa0b71db501e5163e45462f11fc1dc449531b191d790c416ae53245ec57
4a84141bdaec34628cf09e5137afa8c79972feeaffd823024d7f25110231869d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
528c533b0ea1fc21cf7cdeeb7d13bd76b2a5f78d364dd0fbbf34bc95b15ec2df
543c0e8989e38fc081eb2e5a32971647e64c07843c1531f66ef0a0be2aa24bb9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
65e7ed59dd916b075099ce48d07dd5d25a0d4711b1c7485fd54f30798fdbfcab
681da4222e6c745640ca51725a633c1941a4ae10d889e8a73a25a393bf831b8c
6bd911237199f063000181c206e88ba7f104546dcb1c4204a1a470c0c2e0336b
70db78166d1bcc9f70868fb112ebbfc077223879e91771baf98d4341b3ae193d
76cf919932e050628941abf4d3e020b86ba069a0bac451f9bd4b3505dd860af9
789164c5ac76ad51ec1570d4381be384a0136a69875d754bbb6f7e331a634639
7985ee1c0f9707490504c330ba30eac3225fe1c6c57a2badbba9ab031da73514
7af962050c9a4226661fd547825112755efb99c10a510cdc88f197f5c1cea5a4
7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ff93bbbec8cd1a6fdfee743e6e54fc115721f9ec720cc92d6f6554b1a5e2ede
a0fe076f23607e8a7befae4777ddfa5f6847e96d2f2b61476c23cc57c3cf4bf8
a921539909c7303ebc50299885f43f57ed5c482b3f7c336d0f3c19cd8d1be319
aadb8512dd233ab5bf3c62dfb6c79bd9b0cc6919048aad14c480233e29617bb7
ab33eda1456f04a8ccce3809a56d0d16a8a25f402f1f42bb0eb7ac3fd9751057
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
be463c11fddc910255d78ec1d07e78d28666be84a167d2b13317dd85d1de4f39
c5ad1b5b3e052a2e422b280eda7d75a8be88992a11805bf6da5c268299403879
c6417022bcef2cafbf65371607a0fdf275e61d0150af9ae3d3d65fa7a9460495
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f9cd9d0e892f8dffb4d8ed8f69bd56e18db157c912267ad1d8d5ff16e1e9b9
d6eb36415f01079c615e614704392ce33ba56244cdfec95f21e5e468d10b3b45
d7291811c5c2db17f228abfa1ad3bb2cf7e8386deee9167f5292ed06ac49cfcb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95a31a7b1870d9b75b17f25a5e83a662116dfbeb78e9dfcd2419829aea2ac28
ed2e56e8e396102929cc70bd83325b67edb401f92a2be33653c4b4e688775fde
ee534d5e2ae5dc474de0ab46b0e2158befdab56ccbfc99d200ba26054dc42846
f3c7d8bb53e8680fc5d98e706b4c0062fc9c48bc40678e0e9fedae8e80328514
f40169827e4b00e8ea4421a8fe3358494f54c2c9f120028427c0c0d52a079c10
f55d8c03fc956ebd16c9b26797a98233c935476029c6a5b1074409bdde01b5e2

ukrrudprom.ua Open in urlscan Pro 104.22.54.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

98 %HTTPS

0 %IPv6

14 Domains

18 Subdomains

18 IPs

6 Countries

817 kBTransfer

3061 kBSize

99 Cookies

16 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ukrrudprom.ua Open in urlscan Pro
104.22.54.181 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

18
Subdomains

18
IPs

6
Countries

817 kB
Transfer

3061 kB
Size

99
Cookies

81 HTTP transactions
0 data transactions