urlscan.io logo urlscan.io
SecurityTrails logo

www.rbc.ua Open in urlscan Pro
2606:4700:20::681a:22f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rbc.ua/
Effective URL: https://www.rbc.ua/
Submission: On April 22 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 13 domains to perform 80 HTTP transactions. The main IP is 2606:4700:20::681a:22f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rbc.ua. The Cisco Umbrella rank of the primary domain is 199704.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2022. Valid for: a year.
This is the only time www.rbc.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:20::ac43:46e7 (United States)

ASN13335 (CLOUDFLARENET, US)
rbc.ua
10    2606:4700:20::681a:22f (United States)

ASN13335 (CLOUDFLARENET, US)
www.rbc.ua
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
tpc.googlesyndication.com
10    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
5    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
12    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.156.209.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-209-127.eu-central-1.compute.amazonaws.com
d.adtriba.com
Apex Domain
Subdomains		 Transfer
19 googlesyndication.com
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
99 KB
14 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
168 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
139 KB
11 rbc.ua
rbc.ua — Cisco Umbrella Rank: 196001
www.rbc.ua — Cisco Umbrella Rank: 199704
199 KB
8 gstatic.com
fonts.gstatic.com
101 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
4 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 77
2 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5383
adservice.google.de — Cisco Umbrella Rank: 7579
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
3 KB
2 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 45512
757 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
65 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
80 13
Domain Requested by
12 s0.2mdn.net www.rbc.ua
s0.2mdn.net
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
10 www.rbc.ua www.rbc.ua
8 fonts.gstatic.com fonts.googleapis.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 www.google.com www.rbc.ua
tpc.googlesyndication.com
4 www.google-analytics.com www.rbc.ua
www.google-analytics.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 www.google.de www.rbc.ua
3 stats.g.doubleclick.net www.google-analytics.com
2 d.adtriba.com 1 redirects 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net www.rbc.ua
2 googleads.g.doubleclick.net 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
www.rbc.ua
2 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagservices.com www.rbc.ua
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 fonts.googleapis.com www.rbc.ua
1 rbc.ua 1 redirects
80 22
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-14 -
2023-03-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.rbc.ua/
Frame ID: 2FCDD9058E607E6FAF656D0B32C03A1B
Requests: 45 HTTP requests in this frame

Frame: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 54F89ABAB6D25B8BBC9DAC32685220CE
Requests: 1 HTTP requests in this frame

Frame: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC9A98C795219EB8B52BC37689E0215E
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E3C071B872075EC9CF1C1697D97626E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2AD5EDD293E2BC116D00C078A410EB1C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUPD-9pr65DNXz4vaAj3WCdggQ_vw9KwVn9yE2-d5Ds4wwyhguh6ZDoUEUgtlrgU-staswVtsrdrOF1ZPgy0VwML4aEGB-5Wz2rlkUjlNv-pmWJyUf4ePu3p7jUWpOD8T4fTktV9J9KbYODnZulCKAkajaNmWNfmCPLek9rYnvsICNsMuM
Frame ID: 7F0AFD935EAFC75A0DB70ECC0B46155B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1588D028A629434C01412994BE79F0F8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Frame ID: 720B33C68A0EA0ACBFCD994235702682
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новости - Последние новости Украины сегодня | РБК-Украина

Page URL History Show full URLs

  1. http://rbc.ua/ HTTP 302
    https://www.rbc.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

80
Requests

94 %
HTTPS

71 %
IPv6

13
Domains

22
Subdomains

21
IPs

3
Countries

797 kB
Transfer

1820 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rbc.ua/ HTTP 302
    https://www.rbc.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7CbeZSIFDTUjg4abkuUu4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7CbeZSIFDTUjg4abkuUu4&google_cver=1&C=1
Request Chain 56
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmIOZpa3esKbyCfcBAlDaQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnTEcme9kov_s2VVZSwTyo&google_cver=1
Request Chain 57
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGSteVEwpT7DFlX_xY0HWb0&google_cver=1
Request Chain 58
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIxMTQ2OTAxNDgwOTkzODc5Ng%3D%3D
Request Chain 69
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rbc.ua/
Redirect Chain
  • http://rbc.ua/
  • https://www.rbc.ua/
178 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f894e35e6756cbfedfc53657fcbe490b2abe5e3d907b5fa2d1a6166407d2bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
6ffad192ef3171ed-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 22 Apr 2022 02:09:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
id
2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5H5fTCCUSrF%2BMHZVGa8i7YhuPUg4cFb1OIPdLmCvIPPkIA03h%2FpL3%2FgARFmcsecw8yj2UeCYs4ODB4sZ%2BVzXkCZR8aJGtfndjvysy1rNnW0eu7iY51owKKEUNpKssVnuWXA5LCWYXfQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
User-Agent
x-cache
HIT
x-page-speed
1.13.35.2-0

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Max-Age
86400
CF-Cache-Status
DYNAMIC
CF-RAY
6ffad191ac1675cb-LHR
Connection
keep-alive
Content-Type
text/html
Date
Fri, 22 Apr 2022 02:09:40 GMT
Location
https://www.rbc.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uabMyAZ%2FdIil%2F3EgnpdcQHoDllrD2G%2FP7n9lpegieKzzzVisrdWOD6xdn8Oz8WiZQzNbHilbvCjP3K5jPtXMF9bcO234FPGyc7D2%2F49WyYItZsU4W7XnBvK6cNl8fiGgag3JyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa2ef25b63d796fe32cada12fd0de5080d9a52ae9b68ae0497a42bf769dd42dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 02:09:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 02:09:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 02:09:40 GMT
big-logo.svg
www.rbc.ua/static/common/imgs/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/common/imgs/big-logo.svg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4517330
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
last-modified
Tue, 26 Jan 2021 09:25:46 GMT
server
cloudflare
srvb
app2-rbc.rbc.ua
etag
W/"600fe01a-14f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M2DTXSzpFCpYJBw9SKPaH8jwtKGvC9Uy8w8WlLHdmmbgYH%2FrXh0QkiL%2B19rXAayD0OnyqXjQtuc0Azm3B1%2BabbxD9YW6Duzx7K%2B4n9LDWQy6juvSptDBpEpHyFScEeXb9yKJ5ge43w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
cf-ray
6ffad193e85c71ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6749
date
Fri, 22 Apr 2022 00:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 22 Apr 2022 02:17:11 GMT
upd_2_rus.svg
www.rbc.ua/static/common/imgs/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/common/imgs/upd_2_rus.svg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6252221fb7de0ea6398c1b27b70ce45d2aa964da3c2fd51835db1b53dea39961

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4517330
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
last-modified
Tue, 26 Jan 2021 09:25:46 GMT
server
cloudflare
srvb
app1-rbc.rbc.ua
etag
W/"600fe01a-14cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfwC6tgxfZt1FOSAiJPBdCliHUd1wbgVXKdrMaEgGfb5SLXO2%2FYAn1zqjvWSI5lsT3DcGXyRstinibyNwhEGAwXSHqfNp%2F2hPYRTlFnK12Wls5Alp3DKxyrBmAKjy2YwSNahPefiWpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
cf-ray
6ffad193f86971ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
126_7_id81737_1300x819_15_650x410.jpg
www.rbc.ua/static/img/1/2/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/1/2/126_7_id81737_1300x819_15_650x410.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a75af12fec0c32e9e2eed600db4ee7edfb70dee818e81c01b53ad1173227a0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15269
access-control-max-age
86400
content-length
26224
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 21 Apr 2022 20:57:55 GMT
server
cloudflare
etag
"6261c553-6670"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKOMh9ccNvK%2Bv576%2BYRi%2Fv0L47Tbu0l4iyuk2jVAb9MNcTFCIwvO5G2lgX71sc49P6%2B4zEbKtdzaPs3vP7Zx6HjWSfisYeHHsPnf5I6JFFC1FE4mXtWKay7%2BAkSG9sEKH2G94CpJkvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ffad193f86b71ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
h2pri
facebook_com_worldeconomicforum7_5_300x189.jpg
www.rbc.ua/static/img/f/a/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/f/a/facebook_com_worldeconomicforum7_5_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf729a4924106ac814ca631f79bc05f548b3f41af93b43dfa2bfbbe98c78921

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5833
access-control-max-age
86400
content-length
16247
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 21 Apr 2022 20:57:56 GMT
server
cloudflare
etag
"6261c554-3f77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2h5S4CDp07K01%2FQAv009d6fU0mSIN%2FgqnmYTH9j9pu4n0O6JCDEi3wtAMh0vibZSqJW1WqcCXp6IUKTNFOMHGYhAojiMMNfOTRhU3bRGtQS5UTol6sRor64NO%2F1o03Qn0tUabe%2B%2BCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ffad193f86c71ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
h2pri
279092557_533870388303073_5972225316170097715_n_300x189.jpg
www.rbc.ua/static/img/2/7/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/2/7/279092557_533870388303073_5972225316170097715_n_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bb4431bd8d98ccc6a1c4699fdfca679bcbf6def71dc3572670d5d566b51752

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5833
access-control-max-age
86400
content-length
10065
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 21 Apr 2022 23:03:43 GMT
server
cloudflare
etag
"6261e2cf-2751"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0G0N9PkpN1U5hEoDhKDvGU9EdguZHnq1OV5XDhORYeddF4Mz3zYC9%2F1%2FOtfY6e%2F479Z3BfQI9SYcszczvW7IHaQm8yrDm0MNsfAFfGN60uuvtVrE15nO2XONEoc3OaWsNn4nJTnvHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ffad193f86d71ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
h2pri
pixabay_com_153_650x410_1_1300x820_1_300x189.jpg
www.rbc.ua/static/img/p/i/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/p/i/pixabay_com_153_650x410_1_1300x820_1_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eddf1584c96f1fe2d74067ad4b58b1c4f554e389110f60780fa1efaffc4bfc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5833
access-control-max-age
86400
content-length
8359
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 21 Apr 2022 22:21:37 GMT
server
cloudflare
etag
"6261d8f1-20a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9L4CzWiDjedjgpyCG9gFKKXOB%2FdHxC487KZoy3s5%2BNHwKjmZJW%2BoPiCJFGmOlQu1VHa6d8nyoAhnfJu0LPeyJikoQTWtdCKAv8Xm2y2L3dxJYCsNKg7d%2BE9ncf2gabNfmddgdrg78Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ffad193f86e71ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
h2pri
__ukr_viyskovi_gettyimages_1239619300_1_300x189.jpg
www.rbc.ua/static/img/_/_/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/_/_/__ukr_viyskovi_gettyimages_1239619300_1_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0cb43846aabb044f5393452e7309ba32a741fe358f1afd0a3448e5ce2c9c11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
845194
access-control-max-age
86400
content-length
15884
cf-bgj
h2pri
server
cloudflare
etag
"624c8844-3e0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igFHNwZw%2FdsonvOsrqCjl8ZcsyEHOnbCRg%2FYcjKIMT2%2BnwXH9RXiqtZFKawtzyzZLuLdq4XBHFhfw2%2FGeCPWbZbLaZoEfnSwkeh%2FvhCu2Zy1NUOV533nKbBhX7h%2BftvkjiU02D37vwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ffad193f86f71ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
pxl.gif
www.rbc.ua/static/common/imgs/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/common/imgs/pxl.gif
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79849
access-control-max-age
86400
content-length
807
server
cloudflare
etag
"600fe01a-327"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Fsbc6OXGXXvZSgGPLh45ZdFX0VS%2Bo45CFX%2BTkYDhVCGaFKJe3rEbrpcX1xmOml1nRfh2az6mCQJLykNnZJrA2jompzNLJU8hFo%2BsPeIYFvH0nHfDPb4SnOspBcWv%2BD4%2BuoCGXQ4hSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ffad193f87071ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.js
www.rbc.ua/static/production/ 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbc.ua/static/production/desktop.js?1.53
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b917f157bfb62bac7457644f5e973c44a310d99508a0c22d2021411c244876

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
208979
age
4472629
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
last-modified
Tue, 01 Mar 2022 07:43:20 GMT
server
cloudflare
srvb
app1-rbc.rbc.ua
etag
W/"621dce98-33053"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaXgdxblW27d2hsrtxkHcxv6E9X72n%2Foo6rh7Prbox7kk6QNKheMmrkjGEY2EuDpZW5d%2B2un%2Bn88noYKlBOhknM5O1ORcIcE0jb9mo0JnnuIlwRxJw6yXTFccpxL%2FEpUkG2ht9wj8g4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
cf-ray
6ffad193f87471ed-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		610 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		904 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab69f842348dcfe5859c97a6cfd4792ab7f806418cdafc4e602c16cc20300c28

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:56:19 GMT
x-content-type-options
nosniff
age
116001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:12:11 GMT
x-content-type-options
nosniff
age
215849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 14:12:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
1399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Apr 2023 01:46:21 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 10:03:58 GMT
x-content-type-options
nosniff
age
144342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 10:03:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:02:01 GMT
x-content-type-options
nosniff
age
216459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 14:02:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:58:32 GMT
x-content-type-options
nosniff
age
115868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 17:58:32 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 07:29:47 GMT
x-content-type-options
nosniff
age
585593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 15 Apr 2023 07:29:47 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:07:18 GMT
x-content-type-options
nosniff
age
115342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 18:07:18 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11428483-1&cid=1161035410.1650593381&jid=1376241699&gjid=199456077&_gid=1013564987.1650593381&_u=YGDAgEABAAAAAE~&z=389279390
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 22 Apr 2022 02:09:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2137524235&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20-%20%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=1561514060&gjid=854074886&cid=1161035410.1650593381&tid=UA-11428483-16&_gid=1013564987.1650593381&_r=1&_slc=1&z=83919260
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2137524235&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20-%20%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=289443061&gjid=1909049006&cid=1161035410.1650593381&tid=UA-11428483-19&_gid=1013564987.1650593381&_r=1&_slc=1&z=1993819477
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2137524235&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20-%20%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEAB~&jid=1376241699&gjid=199456077&cid=1161035410.1650593381&tid=UA-11428483-1&_gid=1013564987.1650593381&cd3=business&cd5=2a01%3A4a0%3A2c%3A%3A6&cd6=2a01%3A4a0%3A2c%3A%3A6&z=205294468
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 00:14:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6895
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b94b6f798453eb2a87e54efd5f67936c01a55dd5289f4ae1e052ef6044de8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28697
x-xss-protection
0
server
sffe
etag
"1193 / 749 of 1000 / last-modified: 1650578824"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Apr 2022 02:09:40 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11428483-16&cid=1161035410.1650593381&jid=1561514060&gjid=854074886&_gid=1013564987.1650593381&_u=YGDAAEABAAAAAG~&z=1559414373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 22 Apr 2022 02:09:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11428483-19&cid=1161035410.1650593381&jid=289443061&gjid=1909049006&_gid=1013564987.1650593381&_u=YGDAAEABAAAAAG~&z=1343087712
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 22 Apr 2022 02:09:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11428483-1&cid=1161035410.1650593381&jid=1376241699&_u=YGDAgEABAAAAAE~&z=1823022048
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11428483-1&cid=1161035410.1650593381&jid=1376241699&_u=YGDAgEABAAAAAE~&z=1823022048
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11428483-16&cid=1161035410.1650593381&jid=1561514060&_u=YGDAAEABAAAAAG~&z=937223091
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11428483-16&cid=1161035410.1650593381&jid=1561514060&_u=YGDAAEABAAAAAG~&z=937223091
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11428483-19&cid=1161035410.1650593381&jid=289443061&_u=YGDAAEABAAAAAG~&z=740238363
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11428483-19&cid=1161035410.1650593381&jid=289443061&_u=YGDAAEABAAAAAG~&z=740238363
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022041801.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 22:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125970
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Apr 2023 22:38:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		252 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.rbc.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8fae0f3bb39fda801af799c1d32d64da08873e961137fcf456d29a178aa19397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 02:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:09:41 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.rbc.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 02:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.rbc.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 02:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2849802249392617&correlator=3938863186754916&eid=31067095%2C31066184%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=67465299%2CRBC_main_pages_premium_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3409417865&sfv=1-0-38&ecs=20220422&fsapi=false&cust_params=site_variables%3Drus%252Cwwwsite&sc=1&cookie_enabled=1&abxe=1&dt=1650593381367&lmt=1650593381&dlt=1650593380425&idt=922&biw=1600&bih=1200&adxs=1150&adys=511&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.rbc.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x2299&msz=300x-1&fws=0&ohw=0&ga_vid=1161035410.1650593381&ga_sid=1650593381&ga_hid=2137524235&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c1291ab3b3d53b12b9c8d97f45bdee32cc947722e279c7619ae4591a15382c82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7848
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 54F8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 02:09:41 GMT
expires
Sat, 22 Apr 2023 02:09:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3d3310d867bf5d6386849a83ea40a67726238952283b36692c2b42946cb6704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 02:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10619
x-xss-protection
0
container.html
16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC9A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 02:09:41 GMT
expires
Sat, 22 Apr 2023 02:09:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Apr 2022 02:09:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E3C0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
16576
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 21:33:25 GMT
expires
Fri, 21 Apr 2023 21:33:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2AD5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4404bc28ef609dd364bbe12815bd9e9490455cd291278d070339cf144dcd7b4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0wP/Bg2pwt0VO5iO+WPjbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-0wP/Bg2pwt0VO5iO+WPjbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 02:09:42 GMT
expires
Fri, 22 Apr 2022 02:09:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7F0A 		624 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUPD-9pr65DNXz4vaAj3WCdggQ_vw9KwVn9yE2-d5Ds4wwyhguh6ZDoUEUgtlrgU-staswVtsrdrOF1ZPgy0VwML4aEGB-5Wz2rlkUjlNv-pmWJyUf4ePu3p7jUWpOD8T4fTktV9J9KbYODnZulCKAkajaNmWNfmCPLek9rYnvsICNsMuM
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 02:09:42 GMT
expires
Fri, 22 Apr 2022 02:09:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EC9A 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7LNhIccfWnPapLPnhyaRjFXiR3rrUOH9yu22h8RHN58gWAB-LIwJWASB_C5BuUHQ04b9MGS7To5YwoEIk7mh9A7Jn3M0tNFCt_dAzR9a1OYepz-Yrn0CLR1b8lbJYBBok3MDMeDiwVIngLUIZZyo_Eutljg&dbm_d=AKAmf-C6HQTB6XLbVmYKaSFM09jxlNpeLhiuIXknweY8XGaUtJtrBR-LyS3J8d06GTPuSNxLZIvQGRs8G1QC0IsmkMzOJRqiCYH8_jkp7GPx5Fe7VzC6pbEShDWavyRq8iCr-bhiY2IlRsJ41cyKLwxZ4jcPrEHeflwxoGFHUJToXOxodSedLaTP1LZTBnu5GRlXZRtNBVlNSvHltuAAykGCYKKoWCK3ZLBenGGK6MMdtSa9nRjEy_UGJkNfKEPeq1LvAy0bpY1l9d_PH8ShM2ZJVY1hkV-Iq3e7kTJyWyScIF5sARyTVkU0C6200LgKgT1M03chUYYBL-7HrAq5YCPlnwOTKSUmz8scNklkyynaDxyqcrTvtBRbcEmfsh9FFjV032cZXcaiLgglY_xgc1VEYw3gJQqNi-lvUpC8S8DZnQcvAc6VTovr9ujknwqejyvb-mZwe_mlJ11NlDg_WGJEOA3TLzTtGiv1pvlfDE1UjaSlQFqbDzypKgHiYHIh2Df_nfz4sof2mjgrYhI6s1cDkdhtNsLxe7uPm6b644E3uzv2hlD5aVKZrIQXOVVz9Iu9gJ5DoXIo_iVlpcBy0azLgi9cN9OAEqB0NJjBNKZbnCqm0xliNqh79GbCaI5rcknsspcpZ5e78H-2LAKwQiNLdgfDoNc_CgHdDSThn9e-hztptSaGF4VLyTjruqW_8CoMgz174Us6uqk4-ZQ9nFGIV9vJBarmKdR-SMMznyM1OPcchAJU28dcydWf2L2398rxliqNSEO7VMO1lGGX1UZsJKARK6CwK63JHw22dj8iL2kC_vT6nOdkeVwReDmbYOEUmmV6wWuCeV7lRbs-CXD4dc0lSf7ABbe7H5Lpj7uP8zFUmoVZxz7LCxsau6XAo1EhVuia-wrL4UNz5Diiz5QwunU-BG_jBs8X3jjBPo3oxfN8jkhve1sXZT1E-8RZZUhJoBbsTTXCDRfYqMnng_7MwRMFO1EkuVKon1jXnF25gR5xIPECtiFMiuR_i_rr4JkfVVL6OE4aBdiSTra8_DoaX2LFea31mLVWhc3gH3ETm1ANDaJuacGItq_KLfgWb8_MPbcED4wXplBkDpKtjQHaZcHYJRgLodkLNkToAys3ivSaYRU6GxeLr3bJOQr3biuURxCidzIrdUolyYFnVQA1eN66ZizcecdFS_JzpRiiCd5drvBknhNxXUST1PD5nTy1PT5Sm9jX-6Q1aywbvGI3wbaAiujrV_daVi7KgFc1L3jj-2Uw490oZdd8B_7_L_37ZEUmwxMTz6BLHxdHPC1fAXBTaJukS6mi510I6RmHJ4eruegOy4e-CitG1NlbIACKj1B-fsMUCQneZLrB1eMe4WDFglWquClEii-rYlfoQM67FqXR7AqQjCTrK0gCdNtCL-HQIwtqmvgJzv2_Mgi-gfxM29NlEvFlXvigQudsVM3tSI9Hu1rTFP4rXWrZ3-B2DXuL2sQo3kIpLFB8Mbxtqp8qwEl5NK-N9sXNeRVqtlN6mhfaj7EO5EAJFawOmParMdw1cV3uHGf5F7vUy4e-p0NYb0Uo52Dg75QC0bbUp0_XUTaXRI0DQsWSzHn8yolxKc2rdpGybKTLlKNI0UaV0-7UAKwDoTXfFUyzmU2kruU55rHCFdYUHjEzadc_Zngmj6P8bYTME59T-W84pWKQhj8WiSqStGV5bHDMcFd3WYTe0vC2Ix_cIa2CeyaXId3tX3sL2G5IjoDlWk0Hl-7YhcsWFkLLiUbxaDH5XuBUkxRch76S007L-iXRDU6y7Wugw80WVXpjdVzvydiG4ptzP9VNFe1zZu1JbathpvA3Cb1dya83nInWEXoJxzL2SCXv_Vr63fDfWqtMQZ-8atWRHjILfog6JYKyDyeRl-6GlrU5CAdK_CucZQSSpvaQJQAIiySIcjKgb4G7t-XicwsHrvPqx-lp6j5wa0MVX1Q2v8MSNA8KfMaKHaX8gh9T3kGr7XKWMmzZX07ZL6FehOx_HI8hJzctGlLgGL7nFSPXEm-1GhucD6HdZp0LSbVlX-XMI2bWL1oikb80MUYXunSMIHk4z1Jaj1pt9AdmW4zs_cvF6KZ7tAatbP0NXmLKuXMRnGUR_WAMilCQXS7RyON-be4e7Rn5r_BZNMqTqT9NWjl2Lzw_eHTUv9fUAV3ep5mNi5mEZSg6N202Y__0vmx3FmgDyvD4zfrS1YLpo4OeBMWZCcqPpfxkdfera2wWFXIcVkpscLwVm4j6QjaYZ7UfUoxmCbwBD21msiV3O2PRpq_4n1VdWDdQkguIfw1H6yZszebUUrAPm84Ee5FKS1YYySKsQpO8dfVHav2vX-b2E6p-LN1VgWgFt4pWZ2lqImhZ8qrApg9HMpe_42EdLhhakOVltGgfkODsFsR4YBYElMQ_TKcNzcHmoowPSHJWF8wbaDTaByTwj1CpkK6olYWeaKUrfcgkl335ukiJ_HkU5Q5Pi0Tzs409ZBQEPHpkC_jN4IxNYti-ADoHEYnp2Y4F5DaCXOZLUilClHymr5kOEQjhGj5F_CUI599OemO8ULJh8DOkmJZMAKicp-nWgLj0jkSg47le5x2KBGy_0uIk8gJ8Hkr35sDnnOTyDLf-uTMm4feKWpTXUWjlGIKh_Spk_qt6NZZ46BdyOq_cFFfszUzrx7JJeEx-Vbg4olX9xmGotcqFfdw3JgNlBKzzA16rklvzohZpoLcRpEsuEzPRNuluGOR3k_4tRtJ0OLGbzlJytFBatjP28ItB_brjg2J_UBrSPWYGK-BPsps_zo8mCduTs1Cx9xQNHefF4bluk6_N5K19sdiDFBFnu8vivU7ZnAVv-326D2iOyVRruuvx0OSiFy171Avw_dqn1gSAx-8z8RNB4bMWnIwzlyAGHUV54HBuLR1O9fqU9JpVDEkxFqhLGfD3j8umAuIjzu0-zmZr-OChPebwFJOEDuurn4YOk-YuDQeGiSNvRfOxEgc3uKLIlws_4l-jN6qP3202EBnMcVPRoLhQ64t50RUiTcp94zfQby5eulgq6ZxLDY30HNrpEWfgF5wOGJnTCO2_tiPMdyzUUb2JNyVvysLl2hGk8OLwfuCl5W4mT1sO43wOz_hrlhekOBeEjd3hZ6NneuVIWtro841PGBhPNYmyJKcLWYeNPq8fcLoJWlMTj0IXgiphEMZgTdiBv8TF9LdqNRG1UwMsxB40WvjtVemX3UyFtyfyvhN8BecOl7xY80oDXvFEAPNQRDcn2kWXedkPIn91MmEMHnsc&cid=CAQSLQCNIrLMmcgySj_CTzNFMYvkFFCMdZue_mhI6KgSy9LOUNM3bPvRnb6fSy_8yA&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbd2e8a0feed591439721c13d56d26a48c7ead703d98f9d568791ff225645051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33645
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC9A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJygTJY2yXnIZLG-cVsGKU5CZLoXxT2IPntdGSaoaUk8c9SMhaLd7zQ2qgGIdocO0Zv27Re4b-eF3T8SEv7KO8S7U5GCFS-PM8YNObo1KCuy2SpVQ
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame EC9A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/window_focus_fy2019.js
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 May 2022 02:08:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC9A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Apr 2022 02:09:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame EC9A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 01:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6421
x-xss-protection
0
server
cafe
etag
15269590465493672714
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 May 2022 01:47:18 GMT
k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
pagead2.googlesyndication.com/bg/ Frame E3C0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 17:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
30280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13613
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Apr 2023 17:45:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2AD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=2849802249392617&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 7F0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7CbeZSIFDTUjg4abkuUu4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7CbeZSIFDTUjg4abkuUu4&google_cver=1&C=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7CbeZSIFDTUjg4abkuUu4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUPD-9pr65DNXz4vaAj3WCdggQ_vw9KwVn9yE2-d5Ds4wwyhguh6ZDoUEUgtlrgU-staswVtsrdrOF1ZPgy0VwML4aEGB-5Wz2rlkUjlNv-pmWJyUf4ePu3p7jUWpOD8T4fTktV9J9KbYODnZulCKAkajaNmWNfmCPLek9rYnvsICNsMuM
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Apr 2022 02:09:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 22 Apr 2022 02:09:42 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 22 Apr 2022 02:09:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7CbeZSIFDTUjg4abkuUu4&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 22 Apr 2022 02:09:42 GMT
rum
dsum-sec.casalemedia.com/ Frame 7F0A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmIOZpa3esKbyCfcBAlDaQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnTEcme9kov_s2VVZSwTyo&google_cver=1
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnTEcme9kov_s2VVZSwTyo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUPD-9pr65DNXz4vaAj3WCdggQ_vw9KwVn9yE2-d5Ds4wwyhguh6ZDoUEUgtlrgU-staswVtsrdrOF1ZPgy0VwML4aEGB-5Wz2rlkUjlNv-pmWJyUf4ePu3p7jUWpOD8T4fTktV9J9KbYODnZulCKAkajaNmWNfmCPLek9rYnvsICNsMuM
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Apr 2022 02:09:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 22 Apr 2022 02:09:42 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnTEcme9kov_s2VVZSwTyo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7F0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGSteVEwpT7DFlX_xY0HWb0&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGSteVEwpT7DFlX_xY0HWb0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUPD-9pr65DNXz4vaAj3WCdggQ_vw9KwVn9yE2-d5Ds4wwyhguh6ZDoUEUgtlrgU-staswVtsrdrOF1ZPgy0VwML4aEGB-5Wz2rlkUjlNv-pmWJyUf4ePu3p7jUWpOD8T4fTktV9J9KbYODnZulCKAkajaNmWNfmCPLek9rYnvsICNsMuM
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Apr 2022 02:09:42 GMT
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d338c661-9a4a-45da-b9f8-6fdd2151184d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGSteVEwpT7DFlX_xY0HWb0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F0A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIxMTQ2OTAxNDgwOTkzODc5Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIxMTQ2OTAxNDgwOTkzODc5Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUPD-9pr65DNXz4vaAj3WCdggQ_vw9KwVn9yE2-d5Ds4wwyhguh6ZDoUEUgtlrgU-staswVtsrdrOF1ZPgy0VwML4aEGB-5Wz2rlkUjlNv-pmWJyUf4ePu3p7jUWpOD8T4fTktV9J9KbYODnZulCKAkajaNmWNfmCPLek9rYnvsICNsMuM
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 22 Apr 2022 02:09:42 GMT
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8f4d765a-cf9f-465d-829c-d51e84fdbdd5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIxMTQ2OTAxNDgwOTkzODc5Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E3C0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YTJ1Gg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame EC9A 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
Origin
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 09:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 09:48:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/ Frame EC9A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7LNhIccfWnPapLPnhyaRjFXiR3rrUOH9yu22h8RHN58gWAB-LIwJWASB_C5BuUHQ04b9MGS7To5YwoEIk7mh9A7Jn3M0tNFCt_dAzR9a1OYepz-Yrn0CLR1b8lbJYBBok3MDMeDiwVIngLUIZZyo_Eutljg&dbm_d=AKAmf-C6HQTB6XLbVmYKaSFM09jxlNpeLhiuIXknweY8XGaUtJtrBR-LyS3J8d06GTPuSNxLZIvQGRs8G1QC0IsmkMzOJRqiCYH8_jkp7GPx5Fe7VzC6pbEShDWavyRq8iCr-bhiY2IlRsJ41cyKLwxZ4jcPrEHeflwxoGFHUJToXOxodSedLaTP1LZTBnu5GRlXZRtNBVlNSvHltuAAykGCYKKoWCK3ZLBenGGK6MMdtSa9nRjEy_UGJkNfKEPeq1LvAy0bpY1l9d_PH8ShM2ZJVY1hkV-Iq3e7kTJyWyScIF5sARyTVkU0C6200LgKgT1M03chUYYBL-7HrAq5YCPlnwOTKSUmz8scNklkyynaDxyqcrTvtBRbcEmfsh9FFjV032cZXcaiLgglY_xgc1VEYw3gJQqNi-lvUpC8S8DZnQcvAc6VTovr9ujknwqejyvb-mZwe_mlJ11NlDg_WGJEOA3TLzTtGiv1pvlfDE1UjaSlQFqbDzypKgHiYHIh2Df_nfz4sof2mjgrYhI6s1cDkdhtNsLxe7uPm6b644E3uzv2hlD5aVKZrIQXOVVz9Iu9gJ5DoXIo_iVlpcBy0azLgi9cN9OAEqB0NJjBNKZbnCqm0xliNqh79GbCaI5rcknsspcpZ5e78H-2LAKwQiNLdgfDoNc_CgHdDSThn9e-hztptSaGF4VLyTjruqW_8CoMgz174Us6uqk4-ZQ9nFGIV9vJBarmKdR-SMMznyM1OPcchAJU28dcydWf2L2398rxliqNSEO7VMO1lGGX1UZsJKARK6CwK63JHw22dj8iL2kC_vT6nOdkeVwReDmbYOEUmmV6wWuCeV7lRbs-CXD4dc0lSf7ABbe7H5Lpj7uP8zFUmoVZxz7LCxsau6XAo1EhVuia-wrL4UNz5Diiz5QwunU-BG_jBs8X3jjBPo3oxfN8jkhve1sXZT1E-8RZZUhJoBbsTTXCDRfYqMnng_7MwRMFO1EkuVKon1jXnF25gR5xIPECtiFMiuR_i_rr4JkfVVL6OE4aBdiSTra8_DoaX2LFea31mLVWhc3gH3ETm1ANDaJuacGItq_KLfgWb8_MPbcED4wXplBkDpKtjQHaZcHYJRgLodkLNkToAys3ivSaYRU6GxeLr3bJOQr3biuURxCidzIrdUolyYFnVQA1eN66ZizcecdFS_JzpRiiCd5drvBknhNxXUST1PD5nTy1PT5Sm9jX-6Q1aywbvGI3wbaAiujrV_daVi7KgFc1L3jj-2Uw490oZdd8B_7_L_37ZEUmwxMTz6BLHxdHPC1fAXBTaJukS6mi510I6RmHJ4eruegOy4e-CitG1NlbIACKj1B-fsMUCQneZLrB1eMe4WDFglWquClEii-rYlfoQM67FqXR7AqQjCTrK0gCdNtCL-HQIwtqmvgJzv2_Mgi-gfxM29NlEvFlXvigQudsVM3tSI9Hu1rTFP4rXWrZ3-B2DXuL2sQo3kIpLFB8Mbxtqp8qwEl5NK-N9sXNeRVqtlN6mhfaj7EO5EAJFawOmParMdw1cV3uHGf5F7vUy4e-p0NYb0Uo52Dg75QC0bbUp0_XUTaXRI0DQsWSzHn8yolxKc2rdpGybKTLlKNI0UaV0-7UAKwDoTXfFUyzmU2kruU55rHCFdYUHjEzadc_Zngmj6P8bYTME59T-W84pWKQhj8WiSqStGV5bHDMcFd3WYTe0vC2Ix_cIa2CeyaXId3tX3sL2G5IjoDlWk0Hl-7YhcsWFkLLiUbxaDH5XuBUkxRch76S007L-iXRDU6y7Wugw80WVXpjdVzvydiG4ptzP9VNFe1zZu1JbathpvA3Cb1dya83nInWEXoJxzL2SCXv_Vr63fDfWqtMQZ-8atWRHjILfog6JYKyDyeRl-6GlrU5CAdK_CucZQSSpvaQJQAIiySIcjKgb4G7t-XicwsHrvPqx-lp6j5wa0MVX1Q2v8MSNA8KfMaKHaX8gh9T3kGr7XKWMmzZX07ZL6FehOx_HI8hJzctGlLgGL7nFSPXEm-1GhucD6HdZp0LSbVlX-XMI2bWL1oikb80MUYXunSMIHk4z1Jaj1pt9AdmW4zs_cvF6KZ7tAatbP0NXmLKuXMRnGUR_WAMilCQXS7RyON-be4e7Rn5r_BZNMqTqT9NWjl2Lzw_eHTUv9fUAV3ep5mNi5mEZSg6N202Y__0vmx3FmgDyvD4zfrS1YLpo4OeBMWZCcqPpfxkdfera2wWFXIcVkpscLwVm4j6QjaYZ7UfUoxmCbwBD21msiV3O2PRpq_4n1VdWDdQkguIfw1H6yZszebUUrAPm84Ee5FKS1YYySKsQpO8dfVHav2vX-b2E6p-LN1VgWgFt4pWZ2lqImhZ8qrApg9HMpe_42EdLhhakOVltGgfkODsFsR4YBYElMQ_TKcNzcHmoowPSHJWF8wbaDTaByTwj1CpkK6olYWeaKUrfcgkl335ukiJ_HkU5Q5Pi0Tzs409ZBQEPHpkC_jN4IxNYti-ADoHEYnp2Y4F5DaCXOZLUilClHymr5kOEQjhGj5F_CUI599OemO8ULJh8DOkmJZMAKicp-nWgLj0jkSg47le5x2KBGy_0uIk8gJ8Hkr35sDnnOTyDLf-uTMm4feKWpTXUWjlGIKh_Spk_qt6NZZ46BdyOq_cFFfszUzrx7JJeEx-Vbg4olX9xmGotcqFfdw3JgNlBKzzA16rklvzohZpoLcRpEsuEzPRNuluGOR3k_4tRtJ0OLGbzlJytFBatjP28ItB_brjg2J_UBrSPWYGK-BPsps_zo8mCduTs1Cx9xQNHefF4bluk6_N5K19sdiDFBFnu8vivU7ZnAVv-326D2iOyVRruuvx0OSiFy171Avw_dqn1gSAx-8z8RNB4bMWnIwzlyAGHUV54HBuLR1O9fqU9JpVDEkxFqhLGfD3j8umAuIjzu0-zmZr-OChPebwFJOEDuurn4YOk-YuDQeGiSNvRfOxEgc3uKLIlws_4l-jN6qP3202EBnMcVPRoLhQ64t50RUiTcp94zfQby5eulgq6ZxLDY30HNrpEWfgF5wOGJnTCO2_tiPMdyzUUb2JNyVvysLl2hGk8OLwfuCl5W4mT1sO43wOz_hrlhekOBeEjd3hZ6NneuVIWtro841PGBhPNYmyJKcLWYeNPq8fcLoJWlMTj0IXgiphEMZgTdiBv8TF9LdqNRG1UwMsxB40WvjtVemX3UyFtyfyvhN8BecOl7xY80oDXvFEAPNQRDcn2kWXedkPIn91MmEMHnsc&cid=CAQSLQCNIrLMmcgySj_CTzNFMYvkFFCMdZue_mhI6KgSy9LOUNM3bPvRnb6fSy_8yA&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 00:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 May 2022 00:59:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/ Frame EC9A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7LNhIccfWnPapLPnhyaRjFXiR3rrUOH9yu22h8RHN58gWAB-LIwJWASB_C5BuUHQ04b9MGS7To5YwoEIk7mh9A7Jn3M0tNFCt_dAzR9a1OYepz-Yrn0CLR1b8lbJYBBok3MDMeDiwVIngLUIZZyo_Eutljg&dbm_d=AKAmf-C6HQTB6XLbVmYKaSFM09jxlNpeLhiuIXknweY8XGaUtJtrBR-LyS3J8d06GTPuSNxLZIvQGRs8G1QC0IsmkMzOJRqiCYH8_jkp7GPx5Fe7VzC6pbEShDWavyRq8iCr-bhiY2IlRsJ41cyKLwxZ4jcPrEHeflwxoGFHUJToXOxodSedLaTP1LZTBnu5GRlXZRtNBVlNSvHltuAAykGCYKKoWCK3ZLBenGGK6MMdtSa9nRjEy_UGJkNfKEPeq1LvAy0bpY1l9d_PH8ShM2ZJVY1hkV-Iq3e7kTJyWyScIF5sARyTVkU0C6200LgKgT1M03chUYYBL-7HrAq5YCPlnwOTKSUmz8scNklkyynaDxyqcrTvtBRbcEmfsh9FFjV032cZXcaiLgglY_xgc1VEYw3gJQqNi-lvUpC8S8DZnQcvAc6VTovr9ujknwqejyvb-mZwe_mlJ11NlDg_WGJEOA3TLzTtGiv1pvlfDE1UjaSlQFqbDzypKgHiYHIh2Df_nfz4sof2mjgrYhI6s1cDkdhtNsLxe7uPm6b644E3uzv2hlD5aVKZrIQXOVVz9Iu9gJ5DoXIo_iVlpcBy0azLgi9cN9OAEqB0NJjBNKZbnCqm0xliNqh79GbCaI5rcknsspcpZ5e78H-2LAKwQiNLdgfDoNc_CgHdDSThn9e-hztptSaGF4VLyTjruqW_8CoMgz174Us6uqk4-ZQ9nFGIV9vJBarmKdR-SMMznyM1OPcchAJU28dcydWf2L2398rxliqNSEO7VMO1lGGX1UZsJKARK6CwK63JHw22dj8iL2kC_vT6nOdkeVwReDmbYOEUmmV6wWuCeV7lRbs-CXD4dc0lSf7ABbe7H5Lpj7uP8zFUmoVZxz7LCxsau6XAo1EhVuia-wrL4UNz5Diiz5QwunU-BG_jBs8X3jjBPo3oxfN8jkhve1sXZT1E-8RZZUhJoBbsTTXCDRfYqMnng_7MwRMFO1EkuVKon1jXnF25gR5xIPECtiFMiuR_i_rr4JkfVVL6OE4aBdiSTra8_DoaX2LFea31mLVWhc3gH3ETm1ANDaJuacGItq_KLfgWb8_MPbcED4wXplBkDpKtjQHaZcHYJRgLodkLNkToAys3ivSaYRU6GxeLr3bJOQr3biuURxCidzIrdUolyYFnVQA1eN66ZizcecdFS_JzpRiiCd5drvBknhNxXUST1PD5nTy1PT5Sm9jX-6Q1aywbvGI3wbaAiujrV_daVi7KgFc1L3jj-2Uw490oZdd8B_7_L_37ZEUmwxMTz6BLHxdHPC1fAXBTaJukS6mi510I6RmHJ4eruegOy4e-CitG1NlbIACKj1B-fsMUCQneZLrB1eMe4WDFglWquClEii-rYlfoQM67FqXR7AqQjCTrK0gCdNtCL-HQIwtqmvgJzv2_Mgi-gfxM29NlEvFlXvigQudsVM3tSI9Hu1rTFP4rXWrZ3-B2DXuL2sQo3kIpLFB8Mbxtqp8qwEl5NK-N9sXNeRVqtlN6mhfaj7EO5EAJFawOmParMdw1cV3uHGf5F7vUy4e-p0NYb0Uo52Dg75QC0bbUp0_XUTaXRI0DQsWSzHn8yolxKc2rdpGybKTLlKNI0UaV0-7UAKwDoTXfFUyzmU2kruU55rHCFdYUHjEzadc_Zngmj6P8bYTME59T-W84pWKQhj8WiSqStGV5bHDMcFd3WYTe0vC2Ix_cIa2CeyaXId3tX3sL2G5IjoDlWk0Hl-7YhcsWFkLLiUbxaDH5XuBUkxRch76S007L-iXRDU6y7Wugw80WVXpjdVzvydiG4ptzP9VNFe1zZu1JbathpvA3Cb1dya83nInWEXoJxzL2SCXv_Vr63fDfWqtMQZ-8atWRHjILfog6JYKyDyeRl-6GlrU5CAdK_CucZQSSpvaQJQAIiySIcjKgb4G7t-XicwsHrvPqx-lp6j5wa0MVX1Q2v8MSNA8KfMaKHaX8gh9T3kGr7XKWMmzZX07ZL6FehOx_HI8hJzctGlLgGL7nFSPXEm-1GhucD6HdZp0LSbVlX-XMI2bWL1oikb80MUYXunSMIHk4z1Jaj1pt9AdmW4zs_cvF6KZ7tAatbP0NXmLKuXMRnGUR_WAMilCQXS7RyON-be4e7Rn5r_BZNMqTqT9NWjl2Lzw_eHTUv9fUAV3ep5mNi5mEZSg6N202Y__0vmx3FmgDyvD4zfrS1YLpo4OeBMWZCcqPpfxkdfera2wWFXIcVkpscLwVm4j6QjaYZ7UfUoxmCbwBD21msiV3O2PRpq_4n1VdWDdQkguIfw1H6yZszebUUrAPm84Ee5FKS1YYySKsQpO8dfVHav2vX-b2E6p-LN1VgWgFt4pWZ2lqImhZ8qrApg9HMpe_42EdLhhakOVltGgfkODsFsR4YBYElMQ_TKcNzcHmoowPSHJWF8wbaDTaByTwj1CpkK6olYWeaKUrfcgkl335ukiJ_HkU5Q5Pi0Tzs409ZBQEPHpkC_jN4IxNYti-ADoHEYnp2Y4F5DaCXOZLUilClHymr5kOEQjhGj5F_CUI599OemO8ULJh8DOkmJZMAKicp-nWgLj0jkSg47le5x2KBGy_0uIk8gJ8Hkr35sDnnOTyDLf-uTMm4feKWpTXUWjlGIKh_Spk_qt6NZZ46BdyOq_cFFfszUzrx7JJeEx-Vbg4olX9xmGotcqFfdw3JgNlBKzzA16rklvzohZpoLcRpEsuEzPRNuluGOR3k_4tRtJ0OLGbzlJytFBatjP28ItB_brjg2J_UBrSPWYGK-BPsps_zo8mCduTs1Cx9xQNHefF4bluk6_N5K19sdiDFBFnu8vivU7ZnAVv-326D2iOyVRruuvx0OSiFy171Avw_dqn1gSAx-8z8RNB4bMWnIwzlyAGHUV54HBuLR1O9fqU9JpVDEkxFqhLGfD3j8umAuIjzu0-zmZr-OChPebwFJOEDuurn4YOk-YuDQeGiSNvRfOxEgc3uKLIlws_4l-jN6qP3202EBnMcVPRoLhQ64t50RUiTcp94zfQby5eulgq6ZxLDY30HNrpEWfgF5wOGJnTCO2_tiPMdyzUUb2JNyVvysLl2hGk8OLwfuCl5W4mT1sO43wOz_hrlhekOBeEjd3hZ6NneuVIWtro841PGBhPNYmyJKcLWYeNPq8fcLoJWlMTj0IXgiphEMZgTdiBv8TF9LdqNRG1UwMsxB40WvjtVemX3UyFtyfyvhN8BecOl7xY80oDXvFEAPNQRDcn2kWXedkPIn91MmEMHnsc&cid=CAQSLQCNIrLMmcgySj_CTzNFMYvkFFCMdZue_mhI6KgSy9LOUNM3bPvRnb6fSy_8yA&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 01:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 May 2022 01:58:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EC9A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 15:03:03 GMT
truncated
/ Frame EC9A 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d61768a460c15e68d9b183274c879695f3506b3753f22771f9a0fbe260a8ce8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1588 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
63713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 08:27:49 GMT
expires
Fri, 21 Apr 2023 08:27:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
pagead2.googlesyndication.com/bg/ Frame 1588 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 17:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
30280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13613
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Apr 2023 17:45:02 GMT
index.html
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
381718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1568
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 16:07:44 GMT
expires
Mon, 17 Apr 2023 16:07:44 GMT
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EC9A 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHuZNxNQNfGPzB3CuOtSaNKWGid77thHEimNhP2ubspShADYhtaWn2-pYQ4VbZ8Y6koxXh1AyBnb6tu-IMsKarrVGDfq4PiE32CgeNu0LS_ZHMArmS97wmH0YG6Nu2vu8oKaobUd0gZE8gd5TZUEInVmG4obNjvaDCzEaH5U-pYI64IgSGuSyhgTKJqSYmVpwnTJi0VZ8MnfTxHPTy3NP7L5PyfjiLQOP8Kiwx6KyTTe1lXdH7t-gExCiHv9JziIhb-zSBgnfdGWI8PMg0kUJXUqw560jIefU_w_6AKzZaHl36VYUwgEiIMq1oil5UWsSJQUnPcfv3bUTWgc2wCEh8xCXkQL7z1A6ZlYmSiOKRIlH3pQ5Qx00e5d_CpT8tDMSKDtTuCAqbv4eQibnZde3R9R7IHL9eGZlNSM5H3Bd_TGeBaKGe3-ScrPIi0ClF8n2jFea3bG0Kx35Ylj6mnKAshwFhcTxs82AJ0txjbDxyRFx1J61WDVFAEAOXfO7hsxA6fsokVBMM0_s8-pXltHN84KEPw0VLRmvPiWzSxUqbY7DCg7AxxkrWQG9sXxGIRVuACvcBtIbGgdwkKjwAZWgnKEBvtuyX62GbvMA7B5t2n_WfB81_CvKXDWcTxY9kkyKVC2O6i3OW5Y9gEWpj0YKjFiGJ-YOMbNbMX5y4w5ARw7lWNgY5tZcJ5r8sJ7BMKbLbxDyPwiGK_2sgkR5qlEYTYRXbZk3Ve1JwMPHNAenTRJ7wwgSVWki1lLeLrLDLBJTsE6ftKVndfJtM53gp3qhOU0wIf8K4UETaZDBK9-A_ET7OkkQwQVJuC1gJt8DR3zZh5bxduMq8xicRPAhBQFomXDe9Q9q-Q9ErB4zRB4JTedtK5wPERumSJTV5LrsRwUPwFFAzA16pBd8qAmC-exiZvlo3cl9wRUD-QdpEtXawvDwy120nmTIJjeuN4z3qm3_56FXZrp55QqQz0aEZ3PPOVgvdrHB4Y2ulsIwwDT7INd22y6HfKHN902Fao58GWLAl96ofH7_Ek5glvMaqzMdsFtqndPFs6DnrPSoBFIsddMb6ZMcOvz2wpQIWeCJzf6MrIoq8muDduGkHKoSgakauq6I3It72El0XWI4XiO7z72yOBq7NyTnIouFXL2-oV9bDqOjGdJuNUumrcSamYiAMb1GmPDbkfWBONbKos2qaE6kI7jgQPkyJLwK6q7cDpXxwD6pMzy9z_nU_BRu5Xn3wkw&sai=AMfl-YSXqMWEt6Go-C6LUYyEipkHkJlKnnmSNId49TRGenUMIGjArJ586_0F81Ndqh6gy9S34g6qM1ryie5FK8fVngbp-X3GFJBmL0tp8On_XUQ371f4K2kDIazapASsbKgNv3guc90zXt1g0COeCPHph92Ix8YqswzjCyesDAzn5pk6ZuuN-USPaW10pSax39zFhBEzjKr25r6r8zj9MmO2-Vweq6Ef6ijRaUyMSQ&sig=Cg0ArKJSzJoql-3zOvIuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=252&cbvp=1&cstd=249&cisv=r20220419.24898&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 22 Apr 2022 02:09:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
px.gif
d.adtriba.com/ Frame EC9A
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
35.156.209.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-209-127.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 02:09:42 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Fri, 22 Apr 2022 02:09:42 GMT
Last-Modified
Fri, 22 Apr 2022 02:09:42 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1588 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwmPVZg5iYuGwBs-g7_UPwqGm8A4AAAAAOAHgBAI&bg=!bW6lbirNAAZvJBiFTyQ7ACkAdvg8Wnbqs82SLrwR7ZwOUKhwO0hguy_ZFAWKjxCfTjcv8qUQbcHd7AIAAABIUgAAAAJoAQcKACwrwJHIO0Vl-2H0nFNkEVhgi2N9thHHcuYDZHLzFRu14lTxvXp0HqbY1CxsoJkC6B9kNGjzFHz-0cfGS06FSy4k1EdNSBuCPu2m4OvWV75olQbiP0Wr1iy99386ZlBlNNlBhJIvP0ATC3cnawzwvRcYgKGyGh4HXdHQDlHEh-ejcbQPGtTyVA3ug0CaY41Tp6s3lX5kImd9xxyo9od73_k-MUzwXF_RCQOt6FMF1QlQ13qE6OBo7j_s0gpz4EFY4BgB9C-kqleiBy5fKfxWuJl95Fv4bdRr7r5cz8xIuj4IHwFvdTRq8lF5-AU3y9etVbOjsp1MdNoQa6Ap-9aeLb3WMB6MEuLwmb_X9ClVHD2G0obXvEQ0iapknSdMRene_62aJ9Knr7WV2Hesku8UlBtXFiJfqhzDXOJ3__hMGGeetldBsebpPhsuhfsJp9EeEfl_Zcxa2TJ7fkYoJa7r8Oi7Fq06UNw2G1B_WMcA6m2ZP-EeofGiD30QdhQd2lVvdbTCWnClo665A3Gkzd0-OmJ-xPNlR6CmY3tc1JZlS4VSYKtRBa4Me8X1xhsHpZvL76xmD-TcK57ILpwumWnBbEKh1ubAyDA0kU-2z_LWyG_yomPUeZw9rcuqtT3tFZY8dGbGWuN0Fgr2UYJ4I8cVadMXouMjR4fQEaC_4h9SsC0mGTPRrsYIXvACnLxGQQJpyuWauGwd07sPduorehKq9j0Zy6DjFr-ZEj9MTzhKrisy4shU7nNQ_v-UbfmbgeQbo9M2XyMkI5Bl9pVnLPXhaJAOcXmrjx-sfatkybhdBp60zAxLJ7_d0tal1kNojAU6DX07LAHFOMr4MrhpVcozRudHO5mYiqpmwNcGafuNIzMbHu-kwaocdbQOrCRIqRtIZir1amFrwPX1X9K6SjymaxvAhQ4Gbfyl9MhzoCgckvoUWYU8ziXcFHoCMAgn2RlOK2NHsDaNGydezCaeHogZbxWsZrIgAm1HP2ZzoUvvwV7BZKfBNY20x6_KPavkA_7vwvPlZyRR5yAYFMr9hjHYce5iJJ746gKK3w
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 16:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
491
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Apr 2023 16:07:44 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 720B 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 02:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 02:09:42 GMT
main.js
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 16:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2182
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Apr 2023 16:07:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=2849802249392617&bg=!YWKlYibNAAZvJBiFTyQ7ACkAdvg8WoG24GkmM7h9pqCfCX-H2n84zVnXCeIxlTqQVorwezTgEVylVwIAAABMUgAAAAJoAQcKAC-pDh9Zt6Of6D-yUkl_4h-RNSngtjAlg_kdN6o6H0M4GWarDTHFghI0VCB587IagZkCpYGXD-bdQznZrIf3yGsoowghwyiZBZ73FQtYPoNphzHEOBg5Md8Jj2VEPJ4QYPh97UND0H12KW3fqXXCkY3Skf-9Zk-j3HrP4DM5GqOP5jErXRq3t3CrXsfu0L-5Yw5-j9GoKgaDVSmcfyy1LahPkNgi-rek0QnrGVNOup6hKPIvZvwRLgf-iuBBjdhrxw7pjP1rLK0wdyWAuNkt6dhiwKTytNqnSsFe-mY5GICIc5hrfgPSq-ToapQIGVqClUKZ22H7VfAvTAtxV0otOJiy9_PyCNuCRiEuspL7OM5w1wRN7xAhDIVCEgoFn58YAZ-okQxY76Qg24rh8uVoRqkRVgAxdnQwqj_fLmmPx_V4fRauypU5KRl0VVxM1n54rfNoubCovoylykTqRh9J5jGUbXqhFLjE0oqWrMaZA4VKZMKtKL6CRtyweRhm2lO_XurWY0DTg-F7Z-qP9xh2qKFITI_TBt752E4I93uQAo-4A2XqZBcd2Uk5wqLxOQH6fEDURure84XBwMYdqQApzAVrUoRrx_aNnFsEtpz8_PQznl_KWUJPOcrLXm2EitRwCsqLReSXQ9onq_wPSCirtM8PqAq1rXuYb3hE-F2Ol7vFnBwXhkILebVQSVYJxixcPJEqbz9BDz2503KO2EVkHbXaeXikwELhmCeO6VX9cVue8BLZ6rackr0iu9d0MwMM4fuX5WPKaaFsAGfRWNtPVbsW4jSD0Vl5oESd_sOPHwALEpLoZPO38WXh4x3De2l0FyAAWW-JF2QNhFq6nXhu5w2xDOfHd4LqbGf8RCpa6BpeZkWCXFpD_n6CHrlIqZ9rkl_ITPJsql5RBmcTpLPci6WQLa_5QNo3Qye2VPv1WJbmKTZQ1cUVEsloy0Unpd2dB0IKBDQWRkhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:51:29 GMT
x-content-type-options
nosniff
age
577093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31197
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 09:51:29 GMT
b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		454 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:51:29 GMT
x-content-type-options
nosniff
age
577093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
454
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 09:51:29 GMT
h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:51:29 GMT
x-content-type-options
nosniff
age
577093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13570
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 09:51:29 GMT
h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:51:29 GMT
x-content-type-options
nosniff
age
577093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 09:51:29 GMT
h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:51:29 GMT
x-content-type-options
nosniff
age
577093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2211
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 09:51:29 GMT
cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:51:29 GMT
x-content-type-options
nosniff
age
577093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1527
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 09:51:29 GMT
logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 720B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png
Requested by
Host: 16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
URL: https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:51:29 GMT
x-content-type-options
nosniff
age
577093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 09:51:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EC9A 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHuZNxNQNfGPzB3CuOtSaNKWGid77thHEimNhP2ubspShADYhtaWn2-pYQ4VbZ8Y6koxXh1AyBnb6tu-IMsKarrVGDfq4PiE32CgeNu0LS_ZHMArmS97wmH0YG6Nu2vu8oKaobUd0gZE8gd5TZUEInVmG4obNjvaDCzEaH5U-pYI64IgSGuSyhgTKJqSYmVpwnTJi0VZ8MnfTxHPTy3NP7L5PyfjiLQOP8Kiwx6KyTTe1lXdH7t-gExCiHv9JziIhb-zSBgnfdGWI8PMg0kUJXUqw560jIefU_w_6AKzZaHl36VYUwgEiIMq1oil5UWsSJQUnPcfv3bUTWgc2wCEh8xCXkQL7z1A6ZlYmSiOKRIlH3pQ5Qx00e5d_CpT8tDMSKDtTuCAqbv4eQibnZde3R9R7IHL9eGZlNSM5H3Bd_TGeBaKGe3-ScrPIi0ClF8n2jFea3bG0Kx35Ylj6mnKAshwFhcTxs82AJ0txjbDxyRFx1J61WDVFAEAOXfO7hsxA6fsokVBMM0_s8-pXltHN84KEPw0VLRmvPiWzSxUqbY7DCg7AxxkrWQG9sXxGIRVuACvcBtIbGgdwkKjwAZWgnKEBvtuyX62GbvMA7B5t2n_WfB81_CvKXDWcTxY9kkyKVC2O6i3OW5Y9gEWpj0YKjFiGJ-YOMbNbMX5y4w5ARw7lWNgY5tZcJ5r8sJ7BMKbLbxDyPwiGK_2sgkR5qlEYTYRXbZk3Ve1JwMPHNAenTRJ7wwgSVWki1lLeLrLDLBJTsE6ftKVndfJtM53gp3qhOU0wIf8K4UETaZDBK9-A_ET7OkkQwQVJuC1gJt8DR3zZh5bxduMq8xicRPAhBQFomXDe9Q9q-Q9ErB4zRB4JTedtK5wPERumSJTV5LrsRwUPwFFAzA16pBd8qAmC-exiZvlo3cl9wRUD-QdpEtXawvDwy120nmTIJjeuN4z3qm3_56FXZrp55QqQz0aEZ3PPOVgvdrHB4Y2ulsIwwDT7INd22y6HfKHN902Fao58GWLAl96ofH7_Ek5glvMaqzMdsFtqndPFs6DnrPSoBFIsddMb6ZMcOvz2wpQIWeCJzf6MrIoq8muDduGkHKoSgakauq6I3It72El0XWI4XiO7z72yOBq7NyTnIouFXL2-oV9bDqOjGdJuNUumrcSamYiAMb1GmPDbkfWBONbKos2qaE6kI7jgQPkyJLwK6q7cDpXxwD6pMzy9z_nU_BRu5Xn3wkw&sai=AMfl-YSXqMWEt6Go-C6LUYyEipkHkJlKnnmSNId49TRGenUMIGjArJ586_0F81Ndqh6gy9S34g6qM1ryie5FK8fVngbp-X3GFJBmL0tp8On_XUQ371f4K2kDIazapASsbKgNv3guc90zXt1g0COeCPHph92Ix8YqswzjCyesDAzn5pk6ZuuN-USPaW10pSax39zFhBEzjKr25r6r8zj9MmO2-Vweq6Ef6ijRaUyMSQ&sig=Cg0ArKJSzJoql-3zOvIuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=542&vt=11&dtpt=290&dett=3&cstd=249&cisv=r20220419.24898&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 02:09:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame EC9A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdEA_Wa28LcNsg4FYl8lv1CO3F24sjZC1QUeFSs4K9RR2B6zL0ScaPxABR6CJ6CzLsOSwkAO7oH41UkCZna2KyFEauMN3bBsWFeHsJ1dicXkCP0TTR3w&sai=AMfl-YRIvhyrWJF2DpW80SYZv3m_oD3h1I7g82rt5HEid0QN3GA6xPkt4e4OnOPp2W8SeMrs4mgYRHgtrbl40YxoOwnRaiCjEWquM7opfy8-&sig=Cg0ArKJSzA_Kp4FddluFEAE&cid=CAQSLQCNIrLMmcgySj_CTzNFMYvkFFCMdZue_mhI6KgSy9LOUNM3bPvRnb6fSy_8yA&id=lidar2&mcvt=1000&p=511,1150,761,1450&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3409417865&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650593381770&rpt=543&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 02:09:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| clientIp string| GoogleAnalyticsObject function| ga string| rbcDomain function| customLaunch function| $ function| contentSlickCarousel function| setCookie function| getCookie number| dfpLoad object| googletag function| loadGoogleTagManager string| rbcSafariPermission string| rbcSafariDomain string| rbcWorkerFile string| rbcWorkerPostPrefix object| lazyObserver object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.rbc.ua/ Name: _ga
Value: GA1.2.1161035410.1650593381
.rbc.ua/ Name: _gid
Value: GA1.2.1013564987.1650593381
.rbc.ua/ Name: _gat
Value: 1
.rbc.ua/ Name: _gat_editionTracker
Value: 1
.rbc.ua/ Name: _gat_withoutiaTracker
Value: 1
.rbc.ua/ Name: __gads
Value: ID=49d3256fc598e90f:T=1650593381:S=ALNI_MZBLDfWAQE99OyRPK4cbx4uZxFXjA
.doubleclick.net/ Name: IDE
Value: AHWqTUml6Ae1_c3WHxG4A8jh74mHZsqRsixIJ01jAsBUx7Ec7VCU63405UdjnCMaYvQ
.adnxs.com/ Name: uuid2
Value: 3211469014809938796
.casalemedia.com/ Name: CMPS
Value: 1836
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>6pGiH2!]tbPl1M>e)ZlrFUfJ+tGXxoiI*Sk6GS(7'aZo_j:!vK!NSfxNNaaXT-P$2'*bpRz*qF1`*b^sE)u(Gv
.casalemedia.com/ Name: CMST
Value: YmIOZmJiDmYA
.casalemedia.com/ Name: CMID
Value: YmIOZpa3esKbyCfcBAlDawAA
.casalemedia.com/ Name: CMPRO
Value: 228
.casalemedia.com/ Name: CMRUM3
Value: 2d62620e662760CAESEPnTEcme9kov_s2VVZSwTyo
.adtriba.com/ Name: atbgdid
Value: 4d69a714-ddf4-4436-a58b-8aa8ee846c42

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16b681d9462c225a7303beed2870dc32.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
d.adtriba.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
rbc.ua
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.rbc.ua
142.250.184.226
142.250.185.66
142.250.186.98
23.35.236.247
2606:4700:20::681a:22f
2606:4700:20::ac43:46e7
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9b
35.156.209.127
37.252.172.123
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3b94b6f798453eb2a87e54efd5f67936c01a55dd5289f4ae1e052ef6044de8ee
4404bc28ef609dd364bbe12815bd9e9490455cd291278d070339cf144dcd7b4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6252221fb7de0ea6398c1b27b70ce45d2aa964da3c2fd51835db1b53dea39961
6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed
64bb4431bd8d98ccc6a1c4699fdfca679bcbf6def71dc3572670d5d566b51752
66eddf1584c96f1fe2d74067ad4b58b1c4f554e389110f60780fa1efaffc4bfc
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
6cf729a4924106ac814ca631f79bc05f548b3f41af93b43dfa2bfbbe98c78921
6d61768a460c15e68d9b183274c879695f3506b3753f22771f9a0fbe260a8ce8
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f894e35e6756cbfedfc53657fcbe490b2abe5e3d907b5fa2d1a6166407d2bd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8fae0f3bb39fda801af799c1d32d64da08873e961137fcf456d29a178aa19397
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
9a75af12fec0c32e9e2eed600db4ee7edfb70dee818e81c01b53ad1173227a0d
9d0cb43846aabb044f5393452e7309ba32a741fe358f1afd0a3448e5ce2c9c11
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16
aa2ef25b63d796fe32cada12fd0de5080d9a52ae9b68ae0497a42bf769dd42dd
ab69f842348dcfe5859c97a6cfd4792ab7f806418cdafc4e602c16cc20300c28
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c1291ab3b3d53b12b9c8d97f45bdee32cc947722e279c7619ae4591a15382c82
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
d3d3310d867bf5d6386849a83ea40a67726238952283b36692c2b42946cb6704
d6b917f157bfb62bac7457644f5e973c44a310d99508a0c22d2021411c244876
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
fbd2e8a0feed591439721c13d56d26a48c7ead703d98f9d568791ff225645051