urlscan.io logo urlscan.io
SecurityTrails logo

www.rbc.ua Open in urlscan Pro
2606:4700:20::681a:32f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rbc.ua/
Effective URL: https://www.rbc.ua/
Submission: On October 08 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 8 countries across 24 domains to perform 97 HTTP transactions. The main IP is 2606:4700:20::681a:32f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rbc.ua. The Cisco Umbrella rank of the primary domain is 142961.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2022. Valid for: a year.
This is the only time www.rbc.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 4 54.37.238.28 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.100 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 11 142.250.186.130 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 3 185.89.211.12 29990 (ASN-APPNEX)
2 216.58.212.162 15169 (GOOGLE)
1 37.187.27.147 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 18.197.134.247 16509 (AMAZON-02)
1 66.155.71.149 13768 (COGECO-PEER1)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 3.120.72.4 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 2600:9000:223... 16509 (AMAZON-02)
3 3 213.19.147.44 3356 (LEVEL3)
1 35.241.31.249 15169 (GOOGLE)
97 26
16    2606:4700:20::681a:32f (United States)

ASN13335 (CLOUDFLARENET, US)
rbc.ua
www.rbc.ua
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    54.37.238.28 (Poland)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaua.hit.gemius.pl
3    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.co.uk
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu
ls.hit.gemius.pl
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
7    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
googleads4.g.doubleclick.net
1    37.187.27.147 (France)

ASN16276 (OVH, FR)
PTR: js12.adlooxtracking.com
j.adlooxtracking.com
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    18.197.134.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-247.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    3.120.72.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-72-4.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2600:9000:223f:7800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com
data00.adlooxtracking.com
Apex Domain
Subdomains		 Transfer
23 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390
182 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
276 KB
16 rbc.ua
rbc.ua — Cisco Umbrella Rank: 138475
www.rbc.ua — Cisco Umbrella Rank: 142961
240 KB
8 gstatic.com
fonts.gstatic.com
101 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 136
2 KB
5 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2523
adservice.google.co.uk — Cisco Umbrella Rank: 3758
2 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 38918
ls.hit.gemius.pl — Cisco Umbrella Rank: 8598
20 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 430
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
3 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 796
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1306
2 KB
2 adlooxtracking.com
j.adlooxtracking.com — Cisco Umbrella Rank: 11009
data00.adlooxtracking.com — Cisco Umbrella Rank: 10140
27 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
72 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1879
574 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1009
439 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1227
759 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 14364
551 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 40187
611 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 941
191 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
91 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
642 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
97 24
Domain Requested by
15 www.rbc.ua www.rbc.ua
14 pagead2.googlesyndication.com www.rbc.ua
pagead2.googlesyndication.com
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
11 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
7 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 www.google.com www.rbc.ua
tpc.googlesyndication.com
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
www.rbc.ua
4 gaua.hit.gemius.pl 1 redirects www.rbc.ua
gaua.hit.gemius.pl
4 www.google-analytics.com www.rbc.ua
www.google-analytics.com
3 x.bidswitch.net 3 redirects
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 www.google.co.uk www.rbc.ua
3 stats.g.doubleclick.net www.google-analytics.com
2 sync.1rx.io 2 redirects
2 pm.w55c.net 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 www.googletagservices.com www.rbc.ua
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
1 data00.adlooxtracking.com j.adlooxtracking.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 p.rfihub.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 pixel-sync.sitescout.com 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
1 s0.2mdn.net 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
1 j.adlooxtracking.com googleads.g.doubleclick.net
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com www.rbc.ua
1 rbc.ua 1 redirects
97 35
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-14 -
2023-03-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adlooxtracking.com
R3		 2022-09-20 -
2022-12-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 11 frames:

Primary Page: https://www.rbc.ua/
Frame ID: EB44508A7ADC4A0F4E31D8A923B550FE
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: A17268AAE1052FDD7A128E8C1BB21C11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3325851766052018&output=html&adk=1812271804&adf=3025194257&lmt=1665194814&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.rbc.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665194814007&bpp=3&bdt=285&idt=253&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2022200111957&frm=20&pv=2&ga_vid=151563351.1665194814&ga_sid=1665194814&ga_hid=2096672894&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44772927&oid=2&pvsid=2363470868012192&tmod=1969002287&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271
Frame ID: 4D37EF240F9F8AA1E347ACAD366E885A
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 75D205562CF04A1A3BA00BBD62966EF8
Requests: 1 HTTP requests in this frame

Frame: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8D29541A614CE01E8B2B7989713410AF
Requests: 1 HTTP requests in this frame

Frame: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 59A62FECD6E5EBC2BE0E6EA324D47279
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33719A4CD1E2A55B86647B82562944DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C825B6E9040FB779F5917B6AFFBE534
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXnPRN75Qjd9eX5VpO_17cp5Y52UQiE71bzM1hmCnDjtqUxIhiSA0X-0v9isdKEI4-4VKVsCbNfhJSRYBFut5jTgsQuKRaP4tW0JxPyDjrvjL0fBrI8P9et13Xne8ngNfMPw1eQqVZiW5NnNlgjzHrlIEeLXCcomWFnDc2Rw65NPxUb174
Frame ID: F9515FFDBE32E8414D0B2AC37CA36CCD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 844BF0EA5ECB622B7A1D01A16EA87C11
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 656C1025ED132216A0444BCF6C72EF93
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини - Останні новини України сьогодні | РБК-Україна

Page URL History Show full URLs

  1. http://rbc.ua/ HTTP 302
    https://www.rbc.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

97
Requests

89 %
HTTPS

53 %
IPv6

24
Domains

35
Subdomains

26
IPs

8
Countries

1036 kB
Transfer

2363 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rbc.ua/ HTTP 302
    https://www.rbc.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://gaua.hit.gemius.pl/_1665194814503/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=l3i7WNRKJ9Jl6U53lMQqTYDGkClK8dFL9TNJpCBCv8b.e74vwaHfPWfDCizlpfORhNUvS_dudXzpQamnZ0NqpfvOdZ0u/j6kxKqzMUGfKq/&ltime=214&fpdata=Opiw3ezJD0D4hAA5.7TrD0nHesE5Gj10XJFan9FxPV7.U7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1665194814503/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=l3i7WNRKJ9Jl6U53lMQqTYDGkClK8dFL9TNJpCBCv8b.e74vwaHfPWfDCizlpfORhNUvS_dudXzpQamnZ0NqpfvOdZ0u/j6kxKqzMUGfKq/&ltime=214&fpdata=Opiw3ezJD0D4hAA5.7TrD0nHesE5Gj10XJFan9FxPV7.U7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Request Chain 73
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
Request Chain 74
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0DbPwGyP7R-J2PvVslYnAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMjsSmN-FS50AvQElujfPvg&google_cver=1
Request Chain 76
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjExNjA0MjE2NjM0NTM5NQ%3D%3D
Request Chain 87
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&google_cver=1&google_push=AZmPxg9LTbtUBgzBWxrxyBgjFYs3_c0dn9CKuw6vcigB76Kn860w8r23TLlkjFJNVr3QnK_AYp-h-p7O4S6KlmgPbSJ2omqJQ2iH HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&google_cver=1&google_push=AZmPxg9LTbtUBgzBWxrxyBgjFYs3_c0dn9CKuw6vcigB76Kn860w8r23TLlkjFJNVr3QnK_AYp-h-p7O4S6KlmgPbSJ2omqJQ2iH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1N5dmkyeVAxT0daZVQ1&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&google_cver=1&google_push=AZmPxg9LTbtUBgzBWxrxyBgjFYs3_c0dn9CKuw6vcigB76Kn860w8r23TLlkjFJNVr3QnK_AYp-h-p7O4S6KlmgPbSJ2omqJQ2iH
Request Chain 89
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECEkOZJjU7l8ChTS3-L3xoo&google_cver=1&google_push=AZmPxg8bpr9okq_4K-Ig53uLWBiUUJZQBckSIz_s1pTgPJ3PGSFn1q-_hga8m_X4zkmWBfNK2R0U8Xjx-oRhbXl1OfmvkXAYyCP_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8bpr9okq_4K-Ig53uLWBiUUJZQBckSIz_s1pTgPJ3PGSFn1q-_hga8m_X4zkmWBfNK2R0U8Xjx-oRhbXl1OfmvkXAYyCP_&google_hm=SSIeFMntRHKcFWhUzjBpWmw
Request Chain 90
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECidmUoTR-Pwth_LnPfTNeQ&google_cver=1&google_push=AZmPxg9n5WYKQQbAaVQaR6sEwG7Fo8-rHp-nq63iSKT_dmlFHCRmtv-Hb4Dw8ZJSqvzyUMab4SN7cBOTlGvyYxYgBGiC2ui91WU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AnOqZ9cGQ2eeJr5MXUG8pA2&google_push=AZmPxg9n5WYKQQbAaVQaR6sEwG7Fo8-rHp-nq63iSKT_dmlFHCRmtv-Hb4Dw8ZJSqvzyUMab4SN7cBOTlGvyYxYgBGiC2ui91WU
Request Chain 91
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP6KHEskeqzbOlmGMdRA42s&google_cver=1&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2aImgeG963TH6t4 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEP6KHEskeqzbOlmGMdRA42s&google_cver=1&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2aImgeG963TH6t4 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329522593380284&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2aImgeG963TH6t4&google_hm=iBoSQbA8SBCdjT_K2H5adQ==
Request Chain 92
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELZnzyWk9E4cy3Pes6XrgYE&google_cver=1&google_push=AZmPxg9yaX8AiEW0FNtEAo4xVqtlcfIdLPfVOaFV03sFIxoWg7SrgbZ9QlHsNqrmfXkinVjlZddAvF30tFuoeAyhl0ghrq_3_NAS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9yaX8AiEW0FNtEAo4xVqtlcfIdLPfVOaFV03sFIxoWg7SrgbZ9QlHsNqrmfXkinVjlZddAvF30tFuoeAyhl0ghrq_3_NAS
Request Chain 93
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBO903i3Ipe0Oag-B_GtGCo&google_cver=1&google_push=AZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665194815441 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dce8367e-243d-4380-b1a0-a26ac71f9021-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK%26google_hm%3DA9zoNn4kPUOAsaCiascfkCE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK&google_hm=A9zoNn4kPUOAsaCiascfkCE

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rbc.ua/
Redirect Chain
  • http://rbc.ua/
  • https://www.rbc.ua/
170 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b413c731a49f264ef643191cb853b04bde53cfb095554fec018ccc1af919a42b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
756b51e0a90b7413-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 08 Oct 2022 02:06:53 GMT
id
2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar6k2dTjyaMcsA4g09Yg2YRLR1qyQc1WWsHofsT4ajm69R4uAKMoJmJmwyuZKf9bmGabbt4LbxCns7vgKVJx4uH8rYFLcf2mGY7zuMyorUN0bXOK%2Fgqd%2B6DGbnmP5s3JhZbFHoTzKhs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
User-Agent
x-cache
HIT
x-page-speed
1.13.35.2-0

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Max-Age
86400
CF-Cache-Status
DYNAMIC
CF-RAY
756b51dfa982892a-LHR
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Sat, 08 Oct 2022 02:06:53 GMT
Location
https://www.rbc.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21El1pqRfz%2Fu5vne3pQ3EpZx8Py9k6XZT5n%2FtRpbXOuSjkJPsw4eyqEuD1nedrohluUDDJ%2BKL15Sbf8slRshmqvqtQ%2FByjdy5RGR7rDObkxNaX5s5pLSFnF6jf%2BQcTwAbvVEpA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5951a2ded41941bf6c00b9866ce72f6d5301b48c4aa9938d6be734f7044b9b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 08 Oct 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 Oct 2022 02:06:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Oct 2022 02:06:53 GMT
big-logo.svg
www.rbc.ua/static/common/imgs/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/common/imgs/big-logo.svg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19118763
last-modified
Tue, 26 Jan 2021 09:25:46 GMT
server
cloudflare
srvb
app2-rbc.rbc.ua
etag
W/"600fe01a-14f5"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saIh54IDAhdGqeobhdJaxAObhR0cEiq5TB0eAJ0%2B0MEn7VUF4ZYlc481iLF4h5qItgJMA%2F3TOqISFT3izRh5R9HHZi0kCd8YC0tDM1Dx6ANiVJpGPwD%2FBiM9CYBYRv8BJfWHDodR2wM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
756b51e1d9957413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
upd_2_ukr.svg
www.rbc.ua/static/common/imgs/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/common/imgs/upd_2_ukr.svg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52763887b3ee62de1b38cc69f9e495deec57566c9914cb5b7fce604768c05713

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
191455
last-modified
Tue, 26 Jan 2021 09:25:46 GMT
server
cloudflare
etag
W/"600fe01a-12e3"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmdOnDbLQ3rQjakPxHkyAoTivbf%2Bn0HUuPCAs8wRPymOPVQTaesITfnIFMCv6lp952qMye10DVEw3tZqzLrUyqRVxWjzpXJqC67EAeTDcfHjXhj%2FICaUaIPghawM9vjjMkR64ml18O0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
756b51e1f9a67413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 08 Oct 2022 01:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3056
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 08 Oct 2022 03:15:57 GMT
3j0a1626_1300x820_1_1300x820_2_650x410.jpg
www.rbc.ua/static/img/3/j/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/3/j/3j0a1626_1300x820_1_1300x820_2_650x410.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7522bdb73aef101d720c307f2d22d35cefa0c034aaae7b908c16c9322b02c9ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11954
content-length
62213
cf-bgj
h2pri
last-modified
Fri, 07 Oct 2022 22:30:45 GMT
server
cloudflare
etag
"6340a895-f305"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma6rS5bt6L5tEfxLcildlJSzJEZ2dB2mUmPhzczqCKxTEVt5V7%2FovOdD3Y3JHvJlLC5K8UXUUwZLRB%2FKtTZIFVkdfoPB%2BbQxqcPGPjiU3SL%2BS8FLf9ZfhkFCdANG1eoro4ovtMHsVEE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209a87413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
_president_gov_ua_202_300x189.jpg
www.rbc.ua/static/img/_/p/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/_/p/_president_gov_ua_202_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4edd9af57d58c1f381a3cd03d5d49a89497d1e6f5ef6a96cb156321a44ef83

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6067
content-length
7819
cf-bgj
h2pri
last-modified
Fri, 07 Oct 2022 19:22:00 GMT
server
cloudflare
etag
"63407c58-1e8b"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvr%2Bq4yIt%2BBzxfKfmxHXQDN7rRvjAODveOt36mFEkMCRp%2BQMFz9dYPnKS87Bx8WgxzAdIN4UsIl7FBidwBqJdC3LbUxidM7IhCdic10KBmlQpTEDULFeYr7w1YEhp1aAyfcfMINX8Xg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209aa7413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
mil_gov_ua__naev_1300x820_1_300x189.jpg
www.rbc.ua/static/img/m/i/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/m/i/mil_gov_ua__naev_1300x820_1_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aba64b31457450ed0fc3ed597675418551691f678e067d8705aa57d758d8e89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25835
content-length
12744
cf-bgj
h2pri
last-modified
Fri, 07 Oct 2022 18:10:34 GMT
server
cloudflare
etag
"63406b9a-31c8"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X93EW11RqvHteChLdczHx9pMC2pCGL7Y96o5LqYBDoUVS%2FUg%2FCe9LWEXeZTcbUba4ME%2BrqTIQPCITFDpcMDIV9GQrLXGkd2jEBTEyK3HsDk5HksAkMsdlkIiLSq%2BV95cD2oqMGv7eHI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209ab7413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
3j0a3453_28_300x189.jpg
www.rbc.ua/static/img/3/j/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/3/j/3j0a3453_28_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f1924b1d27feb56f3a7ce3cfd3fbeea440f75797e480ee39f73fb1f227a0f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26249
content-length
14555
cf-bgj
h2pri
last-modified
Fri, 07 Oct 2022 18:45:53 GMT
server
cloudflare
etag
"634073e1-38db"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74AiYODhGX1xKZo4LtU6FxO2Km90EGMmnffVkVbHBratdy3RBgEAvqhLDohoJyrX0R1EB6zzr%2FKAqJ7Di7x%2BcmLPd1TIslK3GoD5Q7fA5Y5%2F4uvMcZ%2B9zYYtyivjMkiCoJLaH1leXJc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209ac7413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
switchblade600_foto_aerovironment_inc_2_300x189.jpg
www.rbc.ua/static/img/s/w/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/s/w/switchblade600_foto_aerovironment_inc_2_300x189.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716937ffb0c161e895405bdbdf473baa7d9389bf56c35665dd2762eae3cd6e93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31932
content-length
7697
cf-bgj
h2pri
last-modified
Fri, 07 Oct 2022 16:37:35 GMT
server
cloudflare
etag
"634055cf-1e11"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHQ6YMsAO8R3VcDQeBRVuTPlsdeqRCBonZ7Pep5YIT3WpEykFZXqLPneuEogJixIxw%2BduaICX0H4BVMZIXTPh%2BB2ueqrMEmlhb3aMKbBlKEUFoelGXH37WIjlD%2FKdOI0EQiwktmuZT0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209ad7413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
pxl.gif
www.rbc.ua/static/common/imgs/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/common/imgs/pxl.gif
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3888564
content-length
807
server
cloudflare
etag
"600fe01a-327"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCRC4bk%2BicVLLG0zNYKnyBtH8jAY1HZc9hB8keT%2F106dotWGEsKdC6TMujrCD%2BmUmW1uaKs4zSHbKwp6kTDb2b12b7842srw%2BVPCoNrQdIHp0XomGlCBmbkYLWjBU5ZZ97aYUGtXf4o%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209af7413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
4__3__7_100x100.jpg
www.rbc.ua/static/img/4/_/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/4/_/4__3__7_100x100.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
983e01efb541530c468e1facfcd20a5eb7d8858f637eb2410788c8144df40986

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
414642
content-length
3184
cf-bgj
h2pri
server
cloudflare
etag
"62f392e2-c70"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5juXo7d5bGmGvB9w8ItouRTH%2FENlnGyggo%2FZ798hqyHlEtdpc0aG4V7m%2BvRo9n22tqze11AwaGTkCdABuVDmsANuAgIraJZuXbjwvSf8YEuxUX3h2DB4iaWuEE4Gu6%2FQlSPeJ%2FCdPw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209b07413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
2___2670_100x100.jpg
www.rbc.ua/static/img/2/_/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/2/_/2___2670_100x100.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63e304ec909a252c22d5bb42f34d957b49b1b01a3f9d0a39433f0a409999572

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5058260
content-length
2907
cf-bgj
h2pri
last-modified
Wed, 10 Aug 2022 11:55:17 GMT
server
cloudflare
etag
"62f39ca5-b5b"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TQJBKCjgar8UXHq2n8wQgYXfWD6OFimbfUQS5g%2BCYvzyo3MCeySuhALYhW1hABKZh5gY7xWE9ZJeG0ebCSTgmJawvvjb6xibiljjk9cLt%2FK2AQF5eBJRpvANrMDTFBRpWQxrNtrbL0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209b27413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
88130738_208146837063649_9152632615524630528_n_100x100.jpg
www.rbc.ua/static/img/8/8/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/8/8/88130738_208146837063649_9152632615524630528_n_100x100.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309a34e01bae0d7e20cf231fccda6582a03416c2c7c4c442aef19ceefd55c54a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668514
content-length
2780
cf-bgj
h2pri
last-modified
Mon, 28 Mar 2022 17:15:04 GMT
server
cloudflare
etag
"6241ed18-adc"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwyCCCSynqAAtgvOWPTBsg8GWh76fhdnxAYU4n4IDF80Wa2rVcjhvsA1bZiDzSgow%2B3Ufd5gUo6vzaQIP7MD3JmfuZ%2BagCGVPnDG9Xo0U%2Bz9WIWogcJ7kdMwptj6jcrl6syWo1nWrG4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209b37413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
____40548_100x100.jpg
www.rbc.ua/static/img/_/_/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/img/_/_/____40548_100x100.jpg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08cea27316fd2479e024bf25627efb4756f0e277f9afcdc7c34abbf40c12f2a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1953368
content-length
2417
cf-bgj
h2pri
server
cloudflare
etag
"6322f323-971"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiWNE3mAlgQQwhwYWyqqrPM%2FZ38wNFenHChRp2CQrqqV1RvYI0%2FR%2Ft8vBLs3PyRlwfSdNKi9jWfm5RePmyvY%2FgzMr8dITYn3tdUF0zFiG%2B3JhcpOjgvEb3dgpw9Xt5RJzLudRuIxtAM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
756b51e209b57413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
upd_2_rus.svg
www.rbc.ua/static/common/imgs/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ua/static/common/imgs/upd_2_rus.svg
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6252221fb7de0ea6398c1b27b70ce45d2aa964da3c2fd51835db1b53dea39961

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11103709
last-modified
Tue, 26 Jan 2021 09:25:46 GMT
server
cloudflare
etag
W/"600fe01a-14cb"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TuARyMrkewcN%2Bt%2BtFmQw3FdAlNGKVd9NyAe8QtWyZ%2BFLRh1kVEQEvQY2D46peDPjzaQf9XDvAIsv2R%2BHzJkfyhUcXkyQTSY7lBghhJuWni69BqEn4DeoU8NoossHIWAvyhAo6%2BxgG4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
756b51e209b67413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.js
www.rbc.ua/static/production/ 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbc.ua/static/production/desktop.js?1.55
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b917f157bfb62bac7457644f5e973c44a310d99508a0c22d2021411c244876

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
content-encoding
br
cf-cache-status
HIT
x-original-content-length
208979
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14150814
server
cloudflare
etag
W/"6268edc1-33053"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTkUbpZSt9ndKUDrsDsCwAVEjabegD2K9Av8RQNXQ7EqSSIOQRyrATy47ELNRXxP%2FZDr%2F4ou1JcVbfPxW3Jl7EWCPQLC9rzGh3oDaoQf%2FvGTJ8eZIWEifGiuqrQ0mwH510e8zfmDej4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
756b51e209b77413-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59e7381567c22349042a07538afab4678196e35bbedbd993287c695b981ecd46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54543
x-xss-protection
0
server
cafe
etag
17635519997092363865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 02:06:53 GMT
truncated
/ 		610 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		904 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab69f842348dcfe5859c97a6cfd4792ab7f806418cdafc4e602c16cc20300c28

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
379322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:45:44 GMT
x-content-type-options
nosniff
age
321670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9576
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 08:45:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 13:27:29 GMT
x-content-type-options
nosniff
age
45565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Oct 2023 13:27:29 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 12:55:48 GMT
x-content-type-options
nosniff
age
393066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 12:55:48 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 12:56:05 GMT
x-content-type-options
nosniff
age
393049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 12:56:05 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 20:40:44 GMT
x-content-type-options
nosniff
age
19570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Oct 2023 20:40:44 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:17:14 GMT
x-content-type-options
nosniff
age
373780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 18:17:14 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rbc.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 19:36:30 GMT
x-content-type-options
nosniff
age
369024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:36:30 GMT
xgemius.js
gaua.hit.gemius.pl/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 13:21:50 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
15975
expires
Sat, 08 Oct 2022 14:06:54 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11428483-1&cid=151563351.1665194814&jid=515760977&gjid=1642994439&_gid=1253595991.1665194814&_u=YGDAgEABAAAAAEAAI~&z=2067916039
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2096672894&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=514136429&gjid=2132919909&cid=151563351.1665194814&tid=UA-11428483-16&_gid=1253595991.1665194814&_r=1&_slc=1&z=1491086745
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2096672894&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=943486810&gjid=1281806539&cid=151563351.1665194814&tid=UA-11428483-19&_gid=1253595991.1665194814&_r=1&_slc=1&z=944441306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2096672894&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAAAAI~&jid=515760977&gjid=1642994439&cid=151563351.1665194814&tid=UA-11428483-1&_gid=1253595991.1665194814&cd3=business&cd5=2001%3Aac8%3A21%3Ae%3A%3A6&cd6=2001%3Aac8%3A21%3Ae%3A%3A6&z=319894910
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Oct 2022 17:07:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32350
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 		349 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b060ab77d7936f01366713129755ab42a8a0d9dfeb36895c1de2f35b16ff92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117213
x-xss-protection
0
server
cafe
etag
13354468531409598376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 02:06:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame A172 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
66525
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Oct 2022 07:38:09 GMT
etag
9671129459699598864
expires
Fri, 21 Oct 2022 07:38:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f1812a74374641914df57de47dd317dc5bc04fc1ea27d809af73ad947c7ff70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27721
x-xss-protection
0
server
sffe
etag
"1357 / 289 of 1000 / last-modified: 1665180320"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 08 Oct 2022 02:06:54 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11428483-16&cid=151563351.1665194814&jid=514136429&gjid=2132919909&_gid=1253595991.1665194814&_u=YGDAAEABAAAAAGAAI~&z=83465163
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11428483-19&cid=151563351.1665194814&jid=943486810&gjid=1281806539&_gid=1253595991.1665194814&_u=YGDAAEABAAAAAGAAI~&z=1991528709
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbc.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-16&cid=151563351.1665194814&jid=514136429&_u=YGDAAEABAAAAAGAAI~&z=297052885
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-16&cid=151563351.1665194814&jid=514136429&_u=YGDAAEABAAAAAGAAI~&z=297052885
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-1&cid=151563351.1665194814&jid=515760977&_u=YGDAgEABAAAAAEAAI~&z=1400169875
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-1&cid=151563351.1665194814&jid=515760977&_u=YGDAgEABAAAAAEAAI~&z=1400169875
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-19&cid=151563351.1665194814&jid=943486810&_u=YGDAAEABAAAAAGAAI~&z=960376071
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-19&cid=151563351.1665194814&jid=943486810&_u=YGDAAEABAAAAAGAAI~&z=960376071
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022100501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 19:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25409
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131414
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:35:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 07 Oct 2023 19:03:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		264 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.rbc.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5ea6aa76900136ed243cf3076d034e4753f56b010f20aa5996d089adceab008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138
x-xss-protection
0
expires
Sat, 08 Oct 2022 02:06:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		210 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.rbc.ua&callback=_gfp_s_&client=ca-pub-3325851766052018
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55bc6b53417d3153185f19efe6dd91614646cda8d8b71af3f3434c41144b83eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.rbc.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.rbc.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.rbc.ua%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4D37 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3325851766052018&output=html&adk=1812271804&adf=3025194257&lmt=1665194814&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.rbc.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665194814007&bpp=3&bdt=285&idt=253&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2022200111957&frm=20&pv=2&ga_vid=151563351.1665194814&ga_sid=1665194814&ga_hid=2096672894&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44772927&oid=2&pvsid=2363470868012192&tmod=1969002287&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 02:06:54 GMT
expires
Sat, 08 Oct 2022 02:06:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fpdata.js
gaua.hit.gemius.pl/ 		275 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=www.rbc.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
f72be510bc5d22141547745a87e36d2f30bdf5e92c20a5f2ae873f861e358086

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
275
expires
Mon, 07 Nov 2022 02:06:54 GMT
lsget.html
ls.hit.gemius.pl/ Frame 75D2 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-146-59-30.eu
Software
GHC /
Resource Hash
0977e4169a0ecf59b4d8f488b6eb95757b61ca31222cc6b7eb8f47137b1c04b2

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2720
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 02:06:54 GMT
etag
PRIVATE7520710249
expires
Mon, 07 Nov 2022 02:06:54 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.rbc.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.rbc.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2363470868012192&correlator=2899344072765030&eid=31069634%2C31070166&output=ldjh&gdfp_req=1&vrg=2022100501&ptt=17&impl=fifs&iu_parts=67465299%2CRBC_main_pages_premium_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3409417865&sfv=1-0-38&fsapi=false&cust_params=site_variables%3Drus%252Cwwwsite&sc=1&cookie=ID%3Df737253846fac6cd-229f1a593cce00b8%3AT%3D1665194814%3ART%3D1665194814%3AS%3DALNI_MagRQbLjBlLWiN8e8coRbGhPyBhKw&abxe=1&dt=1665194814483&lmt=1665194814&dlt=1665194813722&idt=739&adxs=1150&adys=533&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.rbc.ua%2F&frm=20&vis=1&psz=300x2362&msz=300x-1&fws=0&ohw=0&ga_vid=151563351.1665194814&ga_sid=1665194814&ga_hid=2096672894&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b5b7b749347914a655856a84ebbd73acddf7a2eec43733e04570decff287ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10031
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.rbc.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D29 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 02:06:54 GMT
expires
Sun, 08 Oct 2023 02:06:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rexdot.js
gaua.hit.gemius.pl/__/_1665194814503/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1665194814503/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww...
  • https://gaua.hit.gemius.pl/__/_1665194814503/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...
169 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1665194814503/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=l3i7WNRKJ9Jl6U53lMQqTYDGkClK8dFL9TNJpCBCv8b.e74vwaHfPWfDCizlpfORhNUvS_dudXzpQamnZ0NqpfvOdZ0u/j6kxKqzMUGfKq/&ltime=214&fpdata=Opiw3ezJD0D4hAA5.7TrD0nHesE5Gj10XJFan9FxPV7.U7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H2
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
f867278377c5578383d4d5f7650fa21f7373b063611d392178b774c3867a34da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Fri, 07 Oct 2022 02:06:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1665194814503/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=l3i7WNRKJ9Jl6U53lMQqTYDGkClK8dFL9TNJpCBCv8b.e74vwaHfPWfDCizlpfORhNUvS_dudXzpQamnZ0NqpfvOdZ0u/j6kxKqzMUGfKq/&ltime=214&fpdata=Opiw3ezJD0D4hAA5.7TrD0nHesE5Gj10XJFan9FxPV7.U7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 07 Oct 2022 02:06:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d3a6da9f48321b3fe7201bdea2a5dc54a8b8767ed5be780f1fc7aafe4265dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11174
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 08 Oct 2022 02:06:54 GMT
container.html
4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 59A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 02:06:54 GMT
expires
Sun, 08 Oct 2023 02:06:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3371 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
31124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Oct 2022 17:28:11 GMT
expires
Sat, 07 Oct 2023 17:28:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7C82 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b16d47ed64568d693f127ea82b50a49057826754f5c571757dcf1e5f11f63676
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QSdSglNKKdfPIMONe93kpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rbc.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-QSdSglNKKdfPIMONe93kpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 02:06:55 GMT
expires
Sat, 08 Oct 2022 02:06:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame F951 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXnPRN75Qjd9eX5VpO_17cp5Y52UQiE71bzM1hmCnDjtqUxIhiSA0X-0v9isdKEI4-4VKVsCbNfhJSRYBFut5jTgsQuKRaP4tW0JxPyDjrvjL0fBrI8P9et13Xne8ngNfMPw1eQqVZiW5NnNlgjzHrlIEeLXCcomWFnDc2Rw65NPxUb174
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 02:06:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 59A6 		74 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbX8ioaVLbgkj4tpF05L7LLlkuYixv0HshJj7ufVKIhV7t7-aRVLptkvlQNf0cU0jLx2XuxERlaYpOr7P-Tbzg5Yg-TQ&cry=1&dbm_d=AKAmf-BCUtSmMhQ9pxuku9oo4ZHZRvZNwH5FTRBHCb1L4t2lgUkK3BHfXP869Qfv5nehuEJdB0AfAt5NUzEUJ48AZFr05q9tgokvvSO9vXn_TiJoCSgmnlUAGzjwphKLbd5cF058S97oohX-kvmyEplX5eofPpwGVJrLwCUSoDkdS5PX8lO9jUyjRBrJF82hHTK5exNUT9BU-3hvfL6o8AXhACvF9g7n7koLjndOBz-qV35Sm-1Ab0IamxtqRVW25ocZQRyZ-jjRUt4CvP_9r1KXrMufJZ7KiIWSzZ5ekZH_xIhJ4rBIn--amoQrx17IXcIA7-7Wa45Yw4K8jk0QjKcP3tqWbQubX8pDKAXc8jGaeiqsQbtwZrSLr2AVowz1qjtdQ9l48PJT1aIrY4qHDZDtbKeuUCnlHHcgZjvHSFSUlHjDBTBo2Ho1eva4uOC-kzOiiKlne6mLKG1FJtj8Q1HLzKNhXiyU0TKcEMx6TZvK66bD3vRSqMT5Vw3VxAOHEcTRaEuzeIRe40WHZEFR--7584F0m_9THLBNDv1VRAw_YkmvxyZ7osH-mFfBYSRooR5ZffT_MuutZZWUEvSvoheUvnaKuEx3VEGnEW-Y1M27u7SujZ8YagxhmVyQlJt3Xk5Y7FRtTf0ybKJwHnk0Wds9UayL0zU5popA7gft62zTxCZ9G4jxZ2HkvtCoJ5-E9XjBw6-71YZD7VOuYZ-636O9Otvov1XMj4tfTOBTrR1jkDD3_1m9vm4ZAgpAfinrlqR3CqCSFX2HH7vQYJ-NhKS_ex2x_BC6DT2gvPu9TKCcExf-QDm0vuRX5YXMQZFvfZAvtSbwrcK46INvnDmqVUWJYtzXyWSsOK8b5BWhIfpD4sk09mtCL5ywIS0cuxFFE0nzZjr3lYhrutmeUYyjtq_51PqaiioMxmgDX79bwvH6E3s3BTVy8AoHKGjprmf54lykWOmjUEDUo8Awr4l66TSHGl3ujCBAKy3lOxifETEkJO3mM-NMgfpEKfkPS8mrwYfH9EPuUbHAjLPRYCUnTupKrU3O7VHZUEmtSoTjlF5M0boFlDAiRSpXfvUu-rMzaxLwhf1AI9of4QqgiW9MrUgDlsqsHnohZAS9L0gkD0B7R2zYgeZCeZ2ZZBJSsn9mlhMl-5gJcKMrziTmt0drfBxjiPACuVKa72WfWjd88QFSDmESIxx23W4dja7mKNkshO3xq7O8g2jHdO24R28b2svliX5p73oEas719zK6heJSUEra9hxYceSbIX5YUi0bcAGOYjKTMkLwjIDf0c8h5wrxx88J-0lHbYz19Ra-AJHjMIULyRNBO7zSXWI1w60Ldd4PUOLx_HnoOxamHllyhBtRUo1KSSPfPhvy7a12w5k-ys68bv7iz6rw0e2EdOkfSxf_DGbgZIykuAVmLOKomVUL06Zkum9v6HhYAXhIaPXjZ6v35gYqk_cNi49VWmdIVf-XW6HcIbH4vUGdcaXodJC6_mb7J1gO09291Tfhpr7ASBUfLqWHpmFyiKwcTL537pbqWyXQZbfpUDRr4nv1zqy1DBd6nXEg2wuJvCTvjweZd9c-tG9rT1ASxnCeDgW2dXycJm84fus9_PmK4Jl9exd9R6r--b3IY4UvphtqcicmKOI0CvDUlHg8wgeOPAUWnmqnYLfSaTZpUTHQnd7EO37OahPVj32LqAFkP8PQaWPE28xlBFb67Dmq8AfshDF1oZ852raMjpVu9ttlju-LFNX0rTtRZEE-FwYPry_FK5Fbl7JgdqdU_kWzTqRsNDm7xvyGEQZIj4Vm2gl2Xwv4kZzuUJIaovhcfNQjG2OOyoR0ShIp1mRcOUpxegmJzexRS8KnYhbuIw0Ar57EakmCHhpF5I470lyOnI6wBbTjHU1JMnl_zHqQjEvuNTd9x-IC2scpl-apNnOKTEhoja0QtEYY9lFfJ0IEjnvy18j7X2fWgX5xpRS9cbKBrqNwoEskXCpWOzdN2jKHM_lQjsyvZTwdYRY2_dqHB_ovG3YuVZCe_VyCg3rmCNJ5r69TN19gNhqTpfUv7jVFioZvOTxNfpYDkOpTcQXUPHPfs6qZvsg3AAVYmMwUZYFRg_8VEfNkWDo8C9nCxElPqAakX9qsFrGgMCHc5BixygEVAyqiWm4_QssVw3dZ3fnU69i9m4kb4BNT3S3LbQzOFd5NSToLyYVsmMextk2ZGgTg069UWrnqe-ceaOQ0WSnmagvsANgt78konU73GL5pjKoZ0KLUkX9ypJgslgAoEJAU5CI-kJgp2vnoZmjNyeBwjrwz8m0WXwvohVGg6O8fHn1-WErkCKMYWWnzqBBi1jnTIe5mNBJRIuRaTY51kSLgo_uTCdVGaFGlUGMOT86pmWHUJy_PR-mTw6FStH7laxyMhXuANyLGkw-XJtXhAr-GHYDuOAv7-Uufm3krxfOSbpQlTvozuRvSl3I2WHeFSDSiwNT2GYQJ_asAEFF8TGNKZ4w0502l3DM7tp5yLXyrhMLxjydQRg9lX5RXeqXLq4J7Q3l5PsOqkj2ZKs1uoml8AYLZTQeMp7x-MoywwJgBw9ntu6wbHgDE2j-dKUFFmh2220lWfChsRUCqqZaGxVyTNlZGgFUw9fFGuKo33Bes9MOWwASxNO_IV5Wg9YiVF6LMIAgfQogGuoPYhydbFYZiA4JEen09cbumEMpWwVsrjWW6qMbwuSuyxSoyU918rlTgU1eAweHyGevX3waN3hjfRuEmkR1GumSLiXD7572a-HqwnrKaJlsmMwb1szVoaxI_-FbtK4gJJm6ABZ2yPQQbMqj7jrvJGWjkCLHI_FAYr0tN8jn5Sy4nhnnnqjkEyqnyrugviy4kfE2dn88ARHd6cybst9vtGNGF-7at3Qx7HRJ52Lt4-Ml9uTRAOd1-amPrMsl_i4Wikd3OgVmeMXzjMMXaSpcp_zRYe1CufcNEH8CpP08MRdIhjnJ680EJSei11foR1IhgeTbd1wN8MzhDpYMCh-ipi8_tXqr6GB_3fnRaCc0oUmQxwQ0r8BWuUjT7Oa7o8yDGcnDw1cx2jL3d01z0t_AxhvHuyW_fDKuKaNB5SlEyLN2qSvHRAP-aT11VcF-t3DsEBqO8r2WTzmxe_4jBTzf7iSN1hhCExE8P9mQL-dlj_ErRdRyilqxfpTZO_eMz-JIo0KZONJF00L3rSTERThK3_EfBNYbRTXLYf7AheFc8IrpE-LNRA97XwoCgI-DRLZRy3zUhp3TGqwkT61ZV0IzfQC66O4Lk_gqI58UOtJRy8tnPdB3XH2syzoxb0NQ15d4M1ISST2kJfF2sRboYpdaPox-LvSTWRtaVpl1IsTjvY4_BRLc1SUBhl8ySE3wcBY5dD3D0hpViriumh8tZSoKN3NdlqQhn7lgUTuRFV0gVx1YlSyHX3ydRGMUBAmZZdFf3ZvUKwZDqg9r6AaeZtYkj2bYRIylYtHIlTtCXQa0cL0UTrE99SBQjqY-SXvYbW0ZL8_OZBSKOdt9cUYDe5PtHTAGlv36bdAdyedVgDGxBV2OgOCtSedqAeBoN6t3kHQaSES0gtAx53kJ4AUoSDBbss6j_9AP2O5Iu_e8yCEt0riw5pT8BF7vIRkfeAYe_Y8O9I8RgRF2E4IoGNmBvmmSmG2OuM05b8Xi3yat_UdFujVrykZvy1ezCn_Yiao6yHbn31f8kqgZUZ7Q&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Requested by
Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1227c5ccf5e239153488648e9cd4d805af4260a069fcb7dbd43f1ed641a634e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34974
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 59A6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3zNeCOwQGB3aGjLDk9ibXCDsGoscXe9sEvpgIfyY6HT3X6O85Alw8Pr2Tc_IH0G59qsOTizLYKOij2kOOQ2k8l6lxAcXo6zMo8IzF3Zn7r0eomHk
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 59A6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 01:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 01:40:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 59A6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 01:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 01:25:47 GMT
l
www.google.com/ads/measurement/ Frame 59A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7_UHPLXnlROwte7fcloWmMzDU7bReGlcliE1SQdn-7tf07CyP5fTWSVFIA3P7a-l92OdTDj4d3q77IOLfjkUMko5Saw
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 59A6 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 08 Oct 2022 02:06:55 GMT
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame 3371 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 15:57:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7C82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=2363470868012192&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame F951
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXnPRN75Qjd9eX5VpO_17cp5Y52UQiE71bzM1hmCnDjtqUxIhiSA0X-0v9isdKEI4-4VKVsCbNfhJSRYBFut5jTgsQuKRaP4tW0JxPyDjrvjL0fBrI8P9et13Xne8ngNfMPw1eQqVZiW5NnNlgjzHrlIEeLXCcomWFnDc2Rw65NPxUb174
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 Oct 2022 02:06:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F951
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0DbPwGyP7R-J2PvVslYnAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXnPRN75Qjd9eX5VpO_17cp5Y52UQiE71bzM1hmCnDjtqUxIhiSA0X-0v9isdKEI4-4VKVsCbNfhJSRYBFut5jTgsQuKRaP4tW0JxPyDjrvjL0fBrI8P9et13Xne8ngNfMPw1eQqVZiW5NnNlgjzHrlIEeLXCcomWFnDc2Rw65NPxUb174
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 Oct 2022 02:06:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-76_i_wfaYK3faEapOxEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F951
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMjsSmN-FS50AvQElujfPvg&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMjsSmN-FS50AvQElujfPvg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXnPRN75Qjd9eX5VpO_17cp5Y52UQiE71bzM1hmCnDjtqUxIhiSA0X-0v9isdKEI4-4VKVsCbNfhJSRYBFut5jTgsQuKRaP4tW0JxPyDjrvjL0fBrI8P9et13Xne8ngNfMPw1eQqVZiW5NnNlgjzHrlIEeLXCcomWFnDc2Rw65NPxUb174
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 Oct 2022 02:06:55 GMT
AN-X-Request-Uuid
307e9552-39e5-4b82-bd42-d2d4ca8a21ff
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMjsSmN-FS50AvQElujfPvg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F951
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjExNjA0MjE2NjM0NTM5NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjExNjA0MjE2NjM0NTM5NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXnPRN75Qjd9eX5VpO_17cp5Y52UQiE71bzM1hmCnDjtqUxIhiSA0X-0v9isdKEI4-4VKVsCbNfhJSRYBFut5jTgsQuKRaP4tW0JxPyDjrvjL0fBrI8P9et13Xne8ngNfMPw1eQqVZiW5NnNlgjzHrlIEeLXCcomWFnDc2Rw65NPxUb174
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 Oct 2022 02:06:55 GMT
AN-X-Request-Uuid
6fda5380-d40d-4e3c-800f-43fc8b588148
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjExNjA0MjE2NjM0NTM5NQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 59A6 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbX8ioaVLbgkj4tpF05L7LLlkuYixv0HshJj7ufVKIhV7t7-aRVLptkvlQNf0cU0jLx2XuxERlaYpOr7P-Tbzg5Yg-TQ&cry=1&dbm_d=AKAmf-BCUtSmMhQ9pxuku9oo4ZHZRvZNwH5FTRBHCb1L4t2lgUkK3BHfXP869Qfv5nehuEJdB0AfAt5NUzEUJ48AZFr05q9tgokvvSO9vXn_TiJoCSgmnlUAGzjwphKLbd5cF058S97oohX-kvmyEplX5eofPpwGVJrLwCUSoDkdS5PX8lO9jUyjRBrJF82hHTK5exNUT9BU-3hvfL6o8AXhACvF9g7n7koLjndOBz-qV35Sm-1Ab0IamxtqRVW25ocZQRyZ-jjRUt4CvP_9r1KXrMufJZ7KiIWSzZ5ekZH_xIhJ4rBIn--amoQrx17IXcIA7-7Wa45Yw4K8jk0QjKcP3tqWbQubX8pDKAXc8jGaeiqsQbtwZrSLr2AVowz1qjtdQ9l48PJT1aIrY4qHDZDtbKeuUCnlHHcgZjvHSFSUlHjDBTBo2Ho1eva4uOC-kzOiiKlne6mLKG1FJtj8Q1HLzKNhXiyU0TKcEMx6TZvK66bD3vRSqMT5Vw3VxAOHEcTRaEuzeIRe40WHZEFR--7584F0m_9THLBNDv1VRAw_YkmvxyZ7osH-mFfBYSRooR5ZffT_MuutZZWUEvSvoheUvnaKuEx3VEGnEW-Y1M27u7SujZ8YagxhmVyQlJt3Xk5Y7FRtTf0ybKJwHnk0Wds9UayL0zU5popA7gft62zTxCZ9G4jxZ2HkvtCoJ5-E9XjBw6-71YZD7VOuYZ-636O9Otvov1XMj4tfTOBTrR1jkDD3_1m9vm4ZAgpAfinrlqR3CqCSFX2HH7vQYJ-NhKS_ex2x_BC6DT2gvPu9TKCcExf-QDm0vuRX5YXMQZFvfZAvtSbwrcK46INvnDmqVUWJYtzXyWSsOK8b5BWhIfpD4sk09mtCL5ywIS0cuxFFE0nzZjr3lYhrutmeUYyjtq_51PqaiioMxmgDX79bwvH6E3s3BTVy8AoHKGjprmf54lykWOmjUEDUo8Awr4l66TSHGl3ujCBAKy3lOxifETEkJO3mM-NMgfpEKfkPS8mrwYfH9EPuUbHAjLPRYCUnTupKrU3O7VHZUEmtSoTjlF5M0boFlDAiRSpXfvUu-rMzaxLwhf1AI9of4QqgiW9MrUgDlsqsHnohZAS9L0gkD0B7R2zYgeZCeZ2ZZBJSsn9mlhMl-5gJcKMrziTmt0drfBxjiPACuVKa72WfWjd88QFSDmESIxx23W4dja7mKNkshO3xq7O8g2jHdO24R28b2svliX5p73oEas719zK6heJSUEra9hxYceSbIX5YUi0bcAGOYjKTMkLwjIDf0c8h5wrxx88J-0lHbYz19Ra-AJHjMIULyRNBO7zSXWI1w60Ldd4PUOLx_HnoOxamHllyhBtRUo1KSSPfPhvy7a12w5k-ys68bv7iz6rw0e2EdOkfSxf_DGbgZIykuAVmLOKomVUL06Zkum9v6HhYAXhIaPXjZ6v35gYqk_cNi49VWmdIVf-XW6HcIbH4vUGdcaXodJC6_mb7J1gO09291Tfhpr7ASBUfLqWHpmFyiKwcTL537pbqWyXQZbfpUDRr4nv1zqy1DBd6nXEg2wuJvCTvjweZd9c-tG9rT1ASxnCeDgW2dXycJm84fus9_PmK4Jl9exd9R6r--b3IY4UvphtqcicmKOI0CvDUlHg8wgeOPAUWnmqnYLfSaTZpUTHQnd7EO37OahPVj32LqAFkP8PQaWPE28xlBFb67Dmq8AfshDF1oZ852raMjpVu9ttlju-LFNX0rTtRZEE-FwYPry_FK5Fbl7JgdqdU_kWzTqRsNDm7xvyGEQZIj4Vm2gl2Xwv4kZzuUJIaovhcfNQjG2OOyoR0ShIp1mRcOUpxegmJzexRS8KnYhbuIw0Ar57EakmCHhpF5I470lyOnI6wBbTjHU1JMnl_zHqQjEvuNTd9x-IC2scpl-apNnOKTEhoja0QtEYY9lFfJ0IEjnvy18j7X2fWgX5xpRS9cbKBrqNwoEskXCpWOzdN2jKHM_lQjsyvZTwdYRY2_dqHB_ovG3YuVZCe_VyCg3rmCNJ5r69TN19gNhqTpfUv7jVFioZvOTxNfpYDkOpTcQXUPHPfs6qZvsg3AAVYmMwUZYFRg_8VEfNkWDo8C9nCxElPqAakX9qsFrGgMCHc5BixygEVAyqiWm4_QssVw3dZ3fnU69i9m4kb4BNT3S3LbQzOFd5NSToLyYVsmMextk2ZGgTg069UWrnqe-ceaOQ0WSnmagvsANgt78konU73GL5pjKoZ0KLUkX9ypJgslgAoEJAU5CI-kJgp2vnoZmjNyeBwjrwz8m0WXwvohVGg6O8fHn1-WErkCKMYWWnzqBBi1jnTIe5mNBJRIuRaTY51kSLgo_uTCdVGaFGlUGMOT86pmWHUJy_PR-mTw6FStH7laxyMhXuANyLGkw-XJtXhAr-GHYDuOAv7-Uufm3krxfOSbpQlTvozuRvSl3I2WHeFSDSiwNT2GYQJ_asAEFF8TGNKZ4w0502l3DM7tp5yLXyrhMLxjydQRg9lX5RXeqXLq4J7Q3l5PsOqkj2ZKs1uoml8AYLZTQeMp7x-MoywwJgBw9ntu6wbHgDE2j-dKUFFmh2220lWfChsRUCqqZaGxVyTNlZGgFUw9fFGuKo33Bes9MOWwASxNO_IV5Wg9YiVF6LMIAgfQogGuoPYhydbFYZiA4JEen09cbumEMpWwVsrjWW6qMbwuSuyxSoyU918rlTgU1eAweHyGevX3waN3hjfRuEmkR1GumSLiXD7572a-HqwnrKaJlsmMwb1szVoaxI_-FbtK4gJJm6ABZ2yPQQbMqj7jrvJGWjkCLHI_FAYr0tN8jn5Sy4nhnnnqjkEyqnyrugviy4kfE2dn88ARHd6cybst9vtGNGF-7at3Qx7HRJ52Lt4-Ml9uTRAOd1-amPrMsl_i4Wikd3OgVmeMXzjMMXaSpcp_zRYe1CufcNEH8CpP08MRdIhjnJ680EJSei11foR1IhgeTbd1wN8MzhDpYMCh-ipi8_tXqr6GB_3fnRaCc0oUmQxwQ0r8BWuUjT7Oa7o8yDGcnDw1cx2jL3d01z0t_AxhvHuyW_fDKuKaNB5SlEyLN2qSvHRAP-aT11VcF-t3DsEBqO8r2WTzmxe_4jBTzf7iSN1hhCExE8P9mQL-dlj_ErRdRyilqxfpTZO_eMz-JIo0KZONJF00L3rSTERThK3_EfBNYbRTXLYf7AheFc8IrpE-LNRA97XwoCgI-DRLZRy3zUhp3TGqwkT61ZV0IzfQC66O4Lk_gqI58UOtJRy8tnPdB3XH2syzoxb0NQ15d4M1ISST2kJfF2sRboYpdaPox-LvSTWRtaVpl1IsTjvY4_BRLc1SUBhl8ySE3wcBY5dD3D0hpViriumh8tZSoKN3NdlqQhn7lgUTuRFV0gVx1YlSyHX3ydRGMUBAmZZdFf3ZvUKwZDqg9r6AaeZtYkj2bYRIylYtHIlTtCXQa0cL0UTrE99SBQjqY-SXvYbW0ZL8_OZBSKOdt9cUYDe5PtHTAGlv36bdAdyedVgDGxBV2OgOCtSedqAeBoN6t3kHQaSES0gtAx53kJ4AUoSDBbss6j_9AP2O5Iu_e8yCEt0riw5pT8BF7vIRkfeAYe_Y8O9I8RgRF2E4IoGNmBvmmSmG2OuM05b8Xi3yat_UdFujVrykZvy1ezCn_Yiao6yHbn31f8kqgZUZ7Q&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3600d5d161593a066ed57bfa0f44230fd55d0fbf709e0517c7a30e69b4eef59b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 01:56:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11696
x-xss-protection
0
server
cafe
etag
3440521625644817407
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 01:56:08 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame 59A6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbX8ioaVLbgkj4tpF05L7LLlkuYixv0HshJj7ufVKIhV7t7-aRVLptkvlQNf0cU0jLx2XuxERlaYpOr7P-Tbzg5Yg-TQ&cry=1&dbm_d=AKAmf-BCUtSmMhQ9pxuku9oo4ZHZRvZNwH5FTRBHCb1L4t2lgUkK3BHfXP869Qfv5nehuEJdB0AfAt5NUzEUJ48AZFr05q9tgokvvSO9vXn_TiJoCSgmnlUAGzjwphKLbd5cF058S97oohX-kvmyEplX5eofPpwGVJrLwCUSoDkdS5PX8lO9jUyjRBrJF82hHTK5exNUT9BU-3hvfL6o8AXhACvF9g7n7koLjndOBz-qV35Sm-1Ab0IamxtqRVW25ocZQRyZ-jjRUt4CvP_9r1KXrMufJZ7KiIWSzZ5ekZH_xIhJ4rBIn--amoQrx17IXcIA7-7Wa45Yw4K8jk0QjKcP3tqWbQubX8pDKAXc8jGaeiqsQbtwZrSLr2AVowz1qjtdQ9l48PJT1aIrY4qHDZDtbKeuUCnlHHcgZjvHSFSUlHjDBTBo2Ho1eva4uOC-kzOiiKlne6mLKG1FJtj8Q1HLzKNhXiyU0TKcEMx6TZvK66bD3vRSqMT5Vw3VxAOHEcTRaEuzeIRe40WHZEFR--7584F0m_9THLBNDv1VRAw_YkmvxyZ7osH-mFfBYSRooR5ZffT_MuutZZWUEvSvoheUvnaKuEx3VEGnEW-Y1M27u7SujZ8YagxhmVyQlJt3Xk5Y7FRtTf0ybKJwHnk0Wds9UayL0zU5popA7gft62zTxCZ9G4jxZ2HkvtCoJ5-E9XjBw6-71YZD7VOuYZ-636O9Otvov1XMj4tfTOBTrR1jkDD3_1m9vm4ZAgpAfinrlqR3CqCSFX2HH7vQYJ-NhKS_ex2x_BC6DT2gvPu9TKCcExf-QDm0vuRX5YXMQZFvfZAvtSbwrcK46INvnDmqVUWJYtzXyWSsOK8b5BWhIfpD4sk09mtCL5ywIS0cuxFFE0nzZjr3lYhrutmeUYyjtq_51PqaiioMxmgDX79bwvH6E3s3BTVy8AoHKGjprmf54lykWOmjUEDUo8Awr4l66TSHGl3ujCBAKy3lOxifETEkJO3mM-NMgfpEKfkPS8mrwYfH9EPuUbHAjLPRYCUnTupKrU3O7VHZUEmtSoTjlF5M0boFlDAiRSpXfvUu-rMzaxLwhf1AI9of4QqgiW9MrUgDlsqsHnohZAS9L0gkD0B7R2zYgeZCeZ2ZZBJSsn9mlhMl-5gJcKMrziTmt0drfBxjiPACuVKa72WfWjd88QFSDmESIxx23W4dja7mKNkshO3xq7O8g2jHdO24R28b2svliX5p73oEas719zK6heJSUEra9hxYceSbIX5YUi0bcAGOYjKTMkLwjIDf0c8h5wrxx88J-0lHbYz19Ra-AJHjMIULyRNBO7zSXWI1w60Ldd4PUOLx_HnoOxamHllyhBtRUo1KSSPfPhvy7a12w5k-ys68bv7iz6rw0e2EdOkfSxf_DGbgZIykuAVmLOKomVUL06Zkum9v6HhYAXhIaPXjZ6v35gYqk_cNi49VWmdIVf-XW6HcIbH4vUGdcaXodJC6_mb7J1gO09291Tfhpr7ASBUfLqWHpmFyiKwcTL537pbqWyXQZbfpUDRr4nv1zqy1DBd6nXEg2wuJvCTvjweZd9c-tG9rT1ASxnCeDgW2dXycJm84fus9_PmK4Jl9exd9R6r--b3IY4UvphtqcicmKOI0CvDUlHg8wgeOPAUWnmqnYLfSaTZpUTHQnd7EO37OahPVj32LqAFkP8PQaWPE28xlBFb67Dmq8AfshDF1oZ852raMjpVu9ttlju-LFNX0rTtRZEE-FwYPry_FK5Fbl7JgdqdU_kWzTqRsNDm7xvyGEQZIj4Vm2gl2Xwv4kZzuUJIaovhcfNQjG2OOyoR0ShIp1mRcOUpxegmJzexRS8KnYhbuIw0Ar57EakmCHhpF5I470lyOnI6wBbTjHU1JMnl_zHqQjEvuNTd9x-IC2scpl-apNnOKTEhoja0QtEYY9lFfJ0IEjnvy18j7X2fWgX5xpRS9cbKBrqNwoEskXCpWOzdN2jKHM_lQjsyvZTwdYRY2_dqHB_ovG3YuVZCe_VyCg3rmCNJ5r69TN19gNhqTpfUv7jVFioZvOTxNfpYDkOpTcQXUPHPfs6qZvsg3AAVYmMwUZYFRg_8VEfNkWDo8C9nCxElPqAakX9qsFrGgMCHc5BixygEVAyqiWm4_QssVw3dZ3fnU69i9m4kb4BNT3S3LbQzOFd5NSToLyYVsmMextk2ZGgTg069UWrnqe-ceaOQ0WSnmagvsANgt78konU73GL5pjKoZ0KLUkX9ypJgslgAoEJAU5CI-kJgp2vnoZmjNyeBwjrwz8m0WXwvohVGg6O8fHn1-WErkCKMYWWnzqBBi1jnTIe5mNBJRIuRaTY51kSLgo_uTCdVGaFGlUGMOT86pmWHUJy_PR-mTw6FStH7laxyMhXuANyLGkw-XJtXhAr-GHYDuOAv7-Uufm3krxfOSbpQlTvozuRvSl3I2WHeFSDSiwNT2GYQJ_asAEFF8TGNKZ4w0502l3DM7tp5yLXyrhMLxjydQRg9lX5RXeqXLq4J7Q3l5PsOqkj2ZKs1uoml8AYLZTQeMp7x-MoywwJgBw9ntu6wbHgDE2j-dKUFFmh2220lWfChsRUCqqZaGxVyTNlZGgFUw9fFGuKo33Bes9MOWwASxNO_IV5Wg9YiVF6LMIAgfQogGuoPYhydbFYZiA4JEen09cbumEMpWwVsrjWW6qMbwuSuyxSoyU918rlTgU1eAweHyGevX3waN3hjfRuEmkR1GumSLiXD7572a-HqwnrKaJlsmMwb1szVoaxI_-FbtK4gJJm6ABZ2yPQQbMqj7jrvJGWjkCLHI_FAYr0tN8jn5Sy4nhnnnqjkEyqnyrugviy4kfE2dn88ARHd6cybst9vtGNGF-7at3Qx7HRJ52Lt4-Ml9uTRAOd1-amPrMsl_i4Wikd3OgVmeMXzjMMXaSpcp_zRYe1CufcNEH8CpP08MRdIhjnJ680EJSei11foR1IhgeTbd1wN8MzhDpYMCh-ipi8_tXqr6GB_3fnRaCc0oUmQxwQ0r8BWuUjT7Oa7o8yDGcnDw1cx2jL3d01z0t_AxhvHuyW_fDKuKaNB5SlEyLN2qSvHRAP-aT11VcF-t3DsEBqO8r2WTzmxe_4jBTzf7iSN1hhCExE8P9mQL-dlj_ErRdRyilqxfpTZO_eMz-JIo0KZONJF00L3rSTERThK3_EfBNYbRTXLYf7AheFc8IrpE-LNRA97XwoCgI-DRLZRy3zUhp3TGqwkT61ZV0IzfQC66O4Lk_gqI58UOtJRy8tnPdB3XH2syzoxb0NQ15d4M1ISST2kJfF2sRboYpdaPox-LvSTWRtaVpl1IsTjvY4_BRLc1SUBhl8ySE3wcBY5dD3D0hpViriumh8tZSoKN3NdlqQhn7lgUTuRFV0gVx1YlSyHX3ydRGMUBAmZZdFf3ZvUKwZDqg9r6AaeZtYkj2bYRIylYtHIlTtCXQa0cL0UTrE99SBQjqY-SXvYbW0ZL8_OZBSKOdt9cUYDe5PtHTAGlv36bdAdyedVgDGxBV2OgOCtSedqAeBoN6t3kHQaSES0gtAx53kJ4AUoSDBbss6j_9AP2O5Iu_e8yCEt0riw5pT8BF7vIRkfeAYe_Y8O9I8RgRF2E4IoGNmBvmmSmG2OuM05b8Xi3yat_UdFujVrykZvy1ezCn_Yiao6yHbn31f8kqgZUZ7Q&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 01:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 01:32:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 59A6 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwfTVZBYYxGj0-8Z553i0-34i1-MVIZqzKyKujj_bRRCB8-zdYWTrjfIIzU0rv-u4wTDYI9IN7hkjzdgBr02mVDLeBqX9askY4NL_E4ixwva1bOLywiQjvyN0sCLSTL8wJBBcGB-ZqcJCSnYEnkzgTabiNwmxyFHeBsNv_-Ysrb1xTv7VIiYsElQl3M47A82L61FVYtS8m7HzzkoPIyPj-0hI3b5CF-q3NTsVTLmoefYhlwm2ym-Ie0mTM-R-UlD2ZTINuASWnNWkiC7RjaaEgWvxNS3sHEGs55BWIa3q6EPodzFLKunWWpfKlO81IpvHp2OSuFAsXGYVd1_877RTiDe8X_lcc2A0ycpyRUZ3ccveq-eKyeibPo7stYipcNWBHwqbEjqkPUZIroXA3qw3tabPOYyh6n52zM2wuAwswL1ZtL5WOcR6iSJ6VWQiiioymTOi8O_qeYnP_pSxx8BLk3nxkl9oAODje_zIu-mesEuAMUm23x-3Oe__Q7C2OrPZ6H6hNTYRzs9cZZPvmoxT2yR5w6b84ITgWXk-20QS30b80hNbXDCTPtEaIHLaqijgiLBA8HsFb1LsNK6YQsR0z4Zibc1vJZZXUS2raWIB_QMUjVwkveAtIisgXXVoLPzFTYxoGm9SGJk4ujI8_Lg3E3y2HvTulvjD6FTunBM_3P5UW3-nWu2K0tjiG0RVfgSW6wK6kLBGZEYBYjaaPb2YkVmUZIvpDo8UR5h58Do7z7Y10p_GN8XZoxiJWABMieMse9dSUkq-oJcl6ikgpBi3I-8fWGLTemywPSpVFS1o9u5EtkMeKjcWykmgjxy5yE_Bnxa8ZITA7jwkshUF_GE7F3rG5Vl9qbjJ1dKASG4uFn9fpihW90Cz5vo7gdpUBdUguHQsq1rqzpk1l745dy7jqpg0un6lbzV0FxyIEd-eWQ4tI73Fkl4QeCPjDcz2Hhf3eixDs4OZEHnPtF_z6iImDO-7iUdpQLijzAjJ-jA6ZE4B3HsO-yHS15Vv6aRZVqZRnJ2m23FpKfgALaSqpQJZz6fc1ZnsYwKdmRJ_cZ9NjJIMxDl4hAOZJsb3-XjvZ3erh4ZyMF5t-URLjR0JIAWOaGOpABuWNtYp4YB3dqu0TLt_uxc9YM9oeXQOJWjJB_6bqucbGyggNFfN6I7kGAYN81uagzmBT3YnOtJMhjoTQN5defts58lhDP6Mn2XF0l-6oMyIuDzzx0sHEYuZCb7zmBydVjy8TEK2198o4amP4pYMp3txocejOx-BJdKweoetjZWnVZGc0ptKutBft3-aOCft7aKSoxcHVZfIsjzDAsFONWUEdi-e5KzDb&sai=AMfl-YRgkqT2cUYJszEdMoEVqQZaplW8QWIS3j-tsj3npaShYs_gbsaA5qRjYq4cuojnd-MSHfVRcuDfzOHskk5udQq7lemVbJt2ctr6kLAmVfTJ1_uHMRYP09lsl668enWZO7GA8I_tJ4SrSCtcikT0EDu-sAk0o4hwyIq90ltQ5Z8y6AqNrub2hDOSFF5bVVqDSLnq72-qNhwavBxnb-AT-EYzz_MpNQ&sig=Cg0ArKJSzFmOlxj6PiNUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221003.85284&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbX8ioaVLbgkj4tpF05L7LLlkuYixv0HshJj7ufVKIhV7t7-aRVLptkvlQNf0cU0jLx2XuxERlaYpOr7P-Tbzg5Yg-TQ&cry=1&dbm_d=AKAmf-BCUtSmMhQ9pxuku9oo4ZHZRvZNwH5FTRBHCb1L4t2lgUkK3BHfXP869Qfv5nehuEJdB0AfAt5NUzEUJ48AZFr05q9tgokvvSO9vXn_TiJoCSgmnlUAGzjwphKLbd5cF058S97oohX-kvmyEplX5eofPpwGVJrLwCUSoDkdS5PX8lO9jUyjRBrJF82hHTK5exNUT9BU-3hvfL6o8AXhACvF9g7n7koLjndOBz-qV35Sm-1Ab0IamxtqRVW25ocZQRyZ-jjRUt4CvP_9r1KXrMufJZ7KiIWSzZ5ekZH_xIhJ4rBIn--amoQrx17IXcIA7-7Wa45Yw4K8jk0QjKcP3tqWbQubX8pDKAXc8jGaeiqsQbtwZrSLr2AVowz1qjtdQ9l48PJT1aIrY4qHDZDtbKeuUCnlHHcgZjvHSFSUlHjDBTBo2Ho1eva4uOC-kzOiiKlne6mLKG1FJtj8Q1HLzKNhXiyU0TKcEMx6TZvK66bD3vRSqMT5Vw3VxAOHEcTRaEuzeIRe40WHZEFR--7584F0m_9THLBNDv1VRAw_YkmvxyZ7osH-mFfBYSRooR5ZffT_MuutZZWUEvSvoheUvnaKuEx3VEGnEW-Y1M27u7SujZ8YagxhmVyQlJt3Xk5Y7FRtTf0ybKJwHnk0Wds9UayL0zU5popA7gft62zTxCZ9G4jxZ2HkvtCoJ5-E9XjBw6-71YZD7VOuYZ-636O9Otvov1XMj4tfTOBTrR1jkDD3_1m9vm4ZAgpAfinrlqR3CqCSFX2HH7vQYJ-NhKS_ex2x_BC6DT2gvPu9TKCcExf-QDm0vuRX5YXMQZFvfZAvtSbwrcK46INvnDmqVUWJYtzXyWSsOK8b5BWhIfpD4sk09mtCL5ywIS0cuxFFE0nzZjr3lYhrutmeUYyjtq_51PqaiioMxmgDX79bwvH6E3s3BTVy8AoHKGjprmf54lykWOmjUEDUo8Awr4l66TSHGl3ujCBAKy3lOxifETEkJO3mM-NMgfpEKfkPS8mrwYfH9EPuUbHAjLPRYCUnTupKrU3O7VHZUEmtSoTjlF5M0boFlDAiRSpXfvUu-rMzaxLwhf1AI9of4QqgiW9MrUgDlsqsHnohZAS9L0gkD0B7R2zYgeZCeZ2ZZBJSsn9mlhMl-5gJcKMrziTmt0drfBxjiPACuVKa72WfWjd88QFSDmESIxx23W4dja7mKNkshO3xq7O8g2jHdO24R28b2svliX5p73oEas719zK6heJSUEra9hxYceSbIX5YUi0bcAGOYjKTMkLwjIDf0c8h5wrxx88J-0lHbYz19Ra-AJHjMIULyRNBO7zSXWI1w60Ldd4PUOLx_HnoOxamHllyhBtRUo1KSSPfPhvy7a12w5k-ys68bv7iz6rw0e2EdOkfSxf_DGbgZIykuAVmLOKomVUL06Zkum9v6HhYAXhIaPXjZ6v35gYqk_cNi49VWmdIVf-XW6HcIbH4vUGdcaXodJC6_mb7J1gO09291Tfhpr7ASBUfLqWHpmFyiKwcTL537pbqWyXQZbfpUDRr4nv1zqy1DBd6nXEg2wuJvCTvjweZd9c-tG9rT1ASxnCeDgW2dXycJm84fus9_PmK4Jl9exd9R6r--b3IY4UvphtqcicmKOI0CvDUlHg8wgeOPAUWnmqnYLfSaTZpUTHQnd7EO37OahPVj32LqAFkP8PQaWPE28xlBFb67Dmq8AfshDF1oZ852raMjpVu9ttlju-LFNX0rTtRZEE-FwYPry_FK5Fbl7JgdqdU_kWzTqRsNDm7xvyGEQZIj4Vm2gl2Xwv4kZzuUJIaovhcfNQjG2OOyoR0ShIp1mRcOUpxegmJzexRS8KnYhbuIw0Ar57EakmCHhpF5I470lyOnI6wBbTjHU1JMnl_zHqQjEvuNTd9x-IC2scpl-apNnOKTEhoja0QtEYY9lFfJ0IEjnvy18j7X2fWgX5xpRS9cbKBrqNwoEskXCpWOzdN2jKHM_lQjsyvZTwdYRY2_dqHB_ovG3YuVZCe_VyCg3rmCNJ5r69TN19gNhqTpfUv7jVFioZvOTxNfpYDkOpTcQXUPHPfs6qZvsg3AAVYmMwUZYFRg_8VEfNkWDo8C9nCxElPqAakX9qsFrGgMCHc5BixygEVAyqiWm4_QssVw3dZ3fnU69i9m4kb4BNT3S3LbQzOFd5NSToLyYVsmMextk2ZGgTg069UWrnqe-ceaOQ0WSnmagvsANgt78konU73GL5pjKoZ0KLUkX9ypJgslgAoEJAU5CI-kJgp2vnoZmjNyeBwjrwz8m0WXwvohVGg6O8fHn1-WErkCKMYWWnzqBBi1jnTIe5mNBJRIuRaTY51kSLgo_uTCdVGaFGlUGMOT86pmWHUJy_PR-mTw6FStH7laxyMhXuANyLGkw-XJtXhAr-GHYDuOAv7-Uufm3krxfOSbpQlTvozuRvSl3I2WHeFSDSiwNT2GYQJ_asAEFF8TGNKZ4w0502l3DM7tp5yLXyrhMLxjydQRg9lX5RXeqXLq4J7Q3l5PsOqkj2ZKs1uoml8AYLZTQeMp7x-MoywwJgBw9ntu6wbHgDE2j-dKUFFmh2220lWfChsRUCqqZaGxVyTNlZGgFUw9fFGuKo33Bes9MOWwASxNO_IV5Wg9YiVF6LMIAgfQogGuoPYhydbFYZiA4JEen09cbumEMpWwVsrjWW6qMbwuSuyxSoyU918rlTgU1eAweHyGevX3waN3hjfRuEmkR1GumSLiXD7572a-HqwnrKaJlsmMwb1szVoaxI_-FbtK4gJJm6ABZ2yPQQbMqj7jrvJGWjkCLHI_FAYr0tN8jn5Sy4nhnnnqjkEyqnyrugviy4kfE2dn88ARHd6cybst9vtGNGF-7at3Qx7HRJ52Lt4-Ml9uTRAOd1-amPrMsl_i4Wikd3OgVmeMXzjMMXaSpcp_zRYe1CufcNEH8CpP08MRdIhjnJ680EJSei11foR1IhgeTbd1wN8MzhDpYMCh-ipi8_tXqr6GB_3fnRaCc0oUmQxwQ0r8BWuUjT7Oa7o8yDGcnDw1cx2jL3d01z0t_AxhvHuyW_fDKuKaNB5SlEyLN2qSvHRAP-aT11VcF-t3DsEBqO8r2WTzmxe_4jBTzf7iSN1hhCExE8P9mQL-dlj_ErRdRyilqxfpTZO_eMz-JIo0KZONJF00L3rSTERThK3_EfBNYbRTXLYf7AheFc8IrpE-LNRA97XwoCgI-DRLZRy3zUhp3TGqwkT61ZV0IzfQC66O4Lk_gqI58UOtJRy8tnPdB3XH2syzoxb0NQ15d4M1ISST2kJfF2sRboYpdaPox-LvSTWRtaVpl1IsTjvY4_BRLc1SUBhl8ySE3wcBY5dD3D0hpViriumh8tZSoKN3NdlqQhn7lgUTuRFV0gVx1YlSyHX3ydRGMUBAmZZdFf3ZvUKwZDqg9r6AaeZtYkj2bYRIylYtHIlTtCXQa0cL0UTrE99SBQjqY-SXvYbW0ZL8_OZBSKOdt9cUYDe5PtHTAGlv36bdAdyedVgDGxBV2OgOCtSedqAeBoN6t3kHQaSES0gtAx53kJ4AUoSDBbss6j_9AP2O5Iu_e8yCEt0riw5pT8BF7vIRkfeAYe_Y8O9I8RgRF2E4IoGNmBvmmSmG2OuM05b8Xi3yat_UdFujVrykZvy1ezCn_Yiao6yHbn31f8kqgZUZ7Q&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 08 Oct 2022 02:06:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
tfav_adl_57.js
j.adlooxtracking.com/ads/js/ Frame 59A6 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_57.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbX8ioaVLbgkj4tpF05L7LLlkuYixv0HshJj7ufVKIhV7t7-aRVLptkvlQNf0cU0jLx2XuxERlaYpOr7P-Tbzg5Yg-TQ&cry=1&dbm_d=AKAmf-BCUtSmMhQ9pxuku9oo4ZHZRvZNwH5FTRBHCb1L4t2lgUkK3BHfXP869Qfv5nehuEJdB0AfAt5NUzEUJ48AZFr05q9tgokvvSO9vXn_TiJoCSgmnlUAGzjwphKLbd5cF058S97oohX-kvmyEplX5eofPpwGVJrLwCUSoDkdS5PX8lO9jUyjRBrJF82hHTK5exNUT9BU-3hvfL6o8AXhACvF9g7n7koLjndOBz-qV35Sm-1Ab0IamxtqRVW25ocZQRyZ-jjRUt4CvP_9r1KXrMufJZ7KiIWSzZ5ekZH_xIhJ4rBIn--amoQrx17IXcIA7-7Wa45Yw4K8jk0QjKcP3tqWbQubX8pDKAXc8jGaeiqsQbtwZrSLr2AVowz1qjtdQ9l48PJT1aIrY4qHDZDtbKeuUCnlHHcgZjvHSFSUlHjDBTBo2Ho1eva4uOC-kzOiiKlne6mLKG1FJtj8Q1HLzKNhXiyU0TKcEMx6TZvK66bD3vRSqMT5Vw3VxAOHEcTRaEuzeIRe40WHZEFR--7584F0m_9THLBNDv1VRAw_YkmvxyZ7osH-mFfBYSRooR5ZffT_MuutZZWUEvSvoheUvnaKuEx3VEGnEW-Y1M27u7SujZ8YagxhmVyQlJt3Xk5Y7FRtTf0ybKJwHnk0Wds9UayL0zU5popA7gft62zTxCZ9G4jxZ2HkvtCoJ5-E9XjBw6-71YZD7VOuYZ-636O9Otvov1XMj4tfTOBTrR1jkDD3_1m9vm4ZAgpAfinrlqR3CqCSFX2HH7vQYJ-NhKS_ex2x_BC6DT2gvPu9TKCcExf-QDm0vuRX5YXMQZFvfZAvtSbwrcK46INvnDmqVUWJYtzXyWSsOK8b5BWhIfpD4sk09mtCL5ywIS0cuxFFE0nzZjr3lYhrutmeUYyjtq_51PqaiioMxmgDX79bwvH6E3s3BTVy8AoHKGjprmf54lykWOmjUEDUo8Awr4l66TSHGl3ujCBAKy3lOxifETEkJO3mM-NMgfpEKfkPS8mrwYfH9EPuUbHAjLPRYCUnTupKrU3O7VHZUEmtSoTjlF5M0boFlDAiRSpXfvUu-rMzaxLwhf1AI9of4QqgiW9MrUgDlsqsHnohZAS9L0gkD0B7R2zYgeZCeZ2ZZBJSsn9mlhMl-5gJcKMrziTmt0drfBxjiPACuVKa72WfWjd88QFSDmESIxx23W4dja7mKNkshO3xq7O8g2jHdO24R28b2svliX5p73oEas719zK6heJSUEra9hxYceSbIX5YUi0bcAGOYjKTMkLwjIDf0c8h5wrxx88J-0lHbYz19Ra-AJHjMIULyRNBO7zSXWI1w60Ldd4PUOLx_HnoOxamHllyhBtRUo1KSSPfPhvy7a12w5k-ys68bv7iz6rw0e2EdOkfSxf_DGbgZIykuAVmLOKomVUL06Zkum9v6HhYAXhIaPXjZ6v35gYqk_cNi49VWmdIVf-XW6HcIbH4vUGdcaXodJC6_mb7J1gO09291Tfhpr7ASBUfLqWHpmFyiKwcTL537pbqWyXQZbfpUDRr4nv1zqy1DBd6nXEg2wuJvCTvjweZd9c-tG9rT1ASxnCeDgW2dXycJm84fus9_PmK4Jl9exd9R6r--b3IY4UvphtqcicmKOI0CvDUlHg8wgeOPAUWnmqnYLfSaTZpUTHQnd7EO37OahPVj32LqAFkP8PQaWPE28xlBFb67Dmq8AfshDF1oZ852raMjpVu9ttlju-LFNX0rTtRZEE-FwYPry_FK5Fbl7JgdqdU_kWzTqRsNDm7xvyGEQZIj4Vm2gl2Xwv4kZzuUJIaovhcfNQjG2OOyoR0ShIp1mRcOUpxegmJzexRS8KnYhbuIw0Ar57EakmCHhpF5I470lyOnI6wBbTjHU1JMnl_zHqQjEvuNTd9x-IC2scpl-apNnOKTEhoja0QtEYY9lFfJ0IEjnvy18j7X2fWgX5xpRS9cbKBrqNwoEskXCpWOzdN2jKHM_lQjsyvZTwdYRY2_dqHB_ovG3YuVZCe_VyCg3rmCNJ5r69TN19gNhqTpfUv7jVFioZvOTxNfpYDkOpTcQXUPHPfs6qZvsg3AAVYmMwUZYFRg_8VEfNkWDo8C9nCxElPqAakX9qsFrGgMCHc5BixygEVAyqiWm4_QssVw3dZ3fnU69i9m4kb4BNT3S3LbQzOFd5NSToLyYVsmMextk2ZGgTg069UWrnqe-ceaOQ0WSnmagvsANgt78konU73GL5pjKoZ0KLUkX9ypJgslgAoEJAU5CI-kJgp2vnoZmjNyeBwjrwz8m0WXwvohVGg6O8fHn1-WErkCKMYWWnzqBBi1jnTIe5mNBJRIuRaTY51kSLgo_uTCdVGaFGlUGMOT86pmWHUJy_PR-mTw6FStH7laxyMhXuANyLGkw-XJtXhAr-GHYDuOAv7-Uufm3krxfOSbpQlTvozuRvSl3I2WHeFSDSiwNT2GYQJ_asAEFF8TGNKZ4w0502l3DM7tp5yLXyrhMLxjydQRg9lX5RXeqXLq4J7Q3l5PsOqkj2ZKs1uoml8AYLZTQeMp7x-MoywwJgBw9ntu6wbHgDE2j-dKUFFmh2220lWfChsRUCqqZaGxVyTNlZGgFUw9fFGuKo33Bes9MOWwASxNO_IV5Wg9YiVF6LMIAgfQogGuoPYhydbFYZiA4JEen09cbumEMpWwVsrjWW6qMbwuSuyxSoyU918rlTgU1eAweHyGevX3waN3hjfRuEmkR1GumSLiXD7572a-HqwnrKaJlsmMwb1szVoaxI_-FbtK4gJJm6ABZ2yPQQbMqj7jrvJGWjkCLHI_FAYr0tN8jn5Sy4nhnnnqjkEyqnyrugviy4kfE2dn88ARHd6cybst9vtGNGF-7at3Qx7HRJ52Lt4-Ml9uTRAOd1-amPrMsl_i4Wikd3OgVmeMXzjMMXaSpcp_zRYe1CufcNEH8CpP08MRdIhjnJ680EJSei11foR1IhgeTbd1wN8MzhDpYMCh-ipi8_tXqr6GB_3fnRaCc0oUmQxwQ0r8BWuUjT7Oa7o8yDGcnDw1cx2jL3d01z0t_AxhvHuyW_fDKuKaNB5SlEyLN2qSvHRAP-aT11VcF-t3DsEBqO8r2WTzmxe_4jBTzf7iSN1hhCExE8P9mQL-dlj_ErRdRyilqxfpTZO_eMz-JIo0KZONJF00L3rSTERThK3_EfBNYbRTXLYf7AheFc8IrpE-LNRA97XwoCgI-DRLZRy3zUhp3TGqwkT61ZV0IzfQC66O4Lk_gqI58UOtJRy8tnPdB3XH2syzoxb0NQ15d4M1ISST2kJfF2sRboYpdaPox-LvSTWRtaVpl1IsTjvY4_BRLc1SUBhl8ySE3wcBY5dD3D0hpViriumh8tZSoKN3NdlqQhn7lgUTuRFV0gVx1YlSyHX3ydRGMUBAmZZdFf3ZvUKwZDqg9r6AaeZtYkj2bYRIylYtHIlTtCXQa0cL0UTrE99SBQjqY-SXvYbW0ZL8_OZBSKOdt9cUYDe5PtHTAGlv36bdAdyedVgDGxBV2OgOCtSedqAeBoN6t3kHQaSES0gtAx53kJ4AUoSDBbss6j_9AP2O5Iu_e8yCEt0riw5pT8BF7vIRkfeAYe_Y8O9I8RgRF2E4IoGNmBvmmSmG2OuM05b8Xi3yat_UdFujVrykZvy1ezCn_Yiao6yHbn31f8kqgZUZ7Q&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.27.147 , France, ASN16276 (OVH, FR),
Reverse DNS
js12.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
d36253140224d3e65922719329cba306a98af2154419ee3b571399b1ddc0bdf9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 08 Oct 2022 02:06:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:16:32 GMT
Server
nginx/1.15.8
ETag
W/"61b86f00-ffaa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 59A6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbX8ioaVLbgkj4tpF05L7LLlkuYixv0HshJj7ufVKIhV7t7-aRVLptkvlQNf0cU0jLx2XuxERlaYpOr7P-Tbzg5Yg-TQ&cry=1&dbm_d=AKAmf-BCUtSmMhQ9pxuku9oo4ZHZRvZNwH5FTRBHCb1L4t2lgUkK3BHfXP869Qfv5nehuEJdB0AfAt5NUzEUJ48AZFr05q9tgokvvSO9vXn_TiJoCSgmnlUAGzjwphKLbd5cF058S97oohX-kvmyEplX5eofPpwGVJrLwCUSoDkdS5PX8lO9jUyjRBrJF82hHTK5exNUT9BU-3hvfL6o8AXhACvF9g7n7koLjndOBz-qV35Sm-1Ab0IamxtqRVW25ocZQRyZ-jjRUt4CvP_9r1KXrMufJZ7KiIWSzZ5ekZH_xIhJ4rBIn--amoQrx17IXcIA7-7Wa45Yw4K8jk0QjKcP3tqWbQubX8pDKAXc8jGaeiqsQbtwZrSLr2AVowz1qjtdQ9l48PJT1aIrY4qHDZDtbKeuUCnlHHcgZjvHSFSUlHjDBTBo2Ho1eva4uOC-kzOiiKlne6mLKG1FJtj8Q1HLzKNhXiyU0TKcEMx6TZvK66bD3vRSqMT5Vw3VxAOHEcTRaEuzeIRe40WHZEFR--7584F0m_9THLBNDv1VRAw_YkmvxyZ7osH-mFfBYSRooR5ZffT_MuutZZWUEvSvoheUvnaKuEx3VEGnEW-Y1M27u7SujZ8YagxhmVyQlJt3Xk5Y7FRtTf0ybKJwHnk0Wds9UayL0zU5popA7gft62zTxCZ9G4jxZ2HkvtCoJ5-E9XjBw6-71YZD7VOuYZ-636O9Otvov1XMj4tfTOBTrR1jkDD3_1m9vm4ZAgpAfinrlqR3CqCSFX2HH7vQYJ-NhKS_ex2x_BC6DT2gvPu9TKCcExf-QDm0vuRX5YXMQZFvfZAvtSbwrcK46INvnDmqVUWJYtzXyWSsOK8b5BWhIfpD4sk09mtCL5ywIS0cuxFFE0nzZjr3lYhrutmeUYyjtq_51PqaiioMxmgDX79bwvH6E3s3BTVy8AoHKGjprmf54lykWOmjUEDUo8Awr4l66TSHGl3ujCBAKy3lOxifETEkJO3mM-NMgfpEKfkPS8mrwYfH9EPuUbHAjLPRYCUnTupKrU3O7VHZUEmtSoTjlF5M0boFlDAiRSpXfvUu-rMzaxLwhf1AI9of4QqgiW9MrUgDlsqsHnohZAS9L0gkD0B7R2zYgeZCeZ2ZZBJSsn9mlhMl-5gJcKMrziTmt0drfBxjiPACuVKa72WfWjd88QFSDmESIxx23W4dja7mKNkshO3xq7O8g2jHdO24R28b2svliX5p73oEas719zK6heJSUEra9hxYceSbIX5YUi0bcAGOYjKTMkLwjIDf0c8h5wrxx88J-0lHbYz19Ra-AJHjMIULyRNBO7zSXWI1w60Ldd4PUOLx_HnoOxamHllyhBtRUo1KSSPfPhvy7a12w5k-ys68bv7iz6rw0e2EdOkfSxf_DGbgZIykuAVmLOKomVUL06Zkum9v6HhYAXhIaPXjZ6v35gYqk_cNi49VWmdIVf-XW6HcIbH4vUGdcaXodJC6_mb7J1gO09291Tfhpr7ASBUfLqWHpmFyiKwcTL537pbqWyXQZbfpUDRr4nv1zqy1DBd6nXEg2wuJvCTvjweZd9c-tG9rT1ASxnCeDgW2dXycJm84fus9_PmK4Jl9exd9R6r--b3IY4UvphtqcicmKOI0CvDUlHg8wgeOPAUWnmqnYLfSaTZpUTHQnd7EO37OahPVj32LqAFkP8PQaWPE28xlBFb67Dmq8AfshDF1oZ852raMjpVu9ttlju-LFNX0rTtRZEE-FwYPry_FK5Fbl7JgdqdU_kWzTqRsNDm7xvyGEQZIj4Vm2gl2Xwv4kZzuUJIaovhcfNQjG2OOyoR0ShIp1mRcOUpxegmJzexRS8KnYhbuIw0Ar57EakmCHhpF5I470lyOnI6wBbTjHU1JMnl_zHqQjEvuNTd9x-IC2scpl-apNnOKTEhoja0QtEYY9lFfJ0IEjnvy18j7X2fWgX5xpRS9cbKBrqNwoEskXCpWOzdN2jKHM_lQjsyvZTwdYRY2_dqHB_ovG3YuVZCe_VyCg3rmCNJ5r69TN19gNhqTpfUv7jVFioZvOTxNfpYDkOpTcQXUPHPfs6qZvsg3AAVYmMwUZYFRg_8VEfNkWDo8C9nCxElPqAakX9qsFrGgMCHc5BixygEVAyqiWm4_QssVw3dZ3fnU69i9m4kb4BNT3S3LbQzOFd5NSToLyYVsmMextk2ZGgTg069UWrnqe-ceaOQ0WSnmagvsANgt78konU73GL5pjKoZ0KLUkX9ypJgslgAoEJAU5CI-kJgp2vnoZmjNyeBwjrwz8m0WXwvohVGg6O8fHn1-WErkCKMYWWnzqBBi1jnTIe5mNBJRIuRaTY51kSLgo_uTCdVGaFGlUGMOT86pmWHUJy_PR-mTw6FStH7laxyMhXuANyLGkw-XJtXhAr-GHYDuOAv7-Uufm3krxfOSbpQlTvozuRvSl3I2WHeFSDSiwNT2GYQJ_asAEFF8TGNKZ4w0502l3DM7tp5yLXyrhMLxjydQRg9lX5RXeqXLq4J7Q3l5PsOqkj2ZKs1uoml8AYLZTQeMp7x-MoywwJgBw9ntu6wbHgDE2j-dKUFFmh2220lWfChsRUCqqZaGxVyTNlZGgFUw9fFGuKo33Bes9MOWwASxNO_IV5Wg9YiVF6LMIAgfQogGuoPYhydbFYZiA4JEen09cbumEMpWwVsrjWW6qMbwuSuyxSoyU918rlTgU1eAweHyGevX3waN3hjfRuEmkR1GumSLiXD7572a-HqwnrKaJlsmMwb1szVoaxI_-FbtK4gJJm6ABZ2yPQQbMqj7jrvJGWjkCLHI_FAYr0tN8jn5Sy4nhnnnqjkEyqnyrugviy4kfE2dn88ARHd6cybst9vtGNGF-7at3Qx7HRJ52Lt4-Ml9uTRAOd1-amPrMsl_i4Wikd3OgVmeMXzjMMXaSpcp_zRYe1CufcNEH8CpP08MRdIhjnJ680EJSei11foR1IhgeTbd1wN8MzhDpYMCh-ipi8_tXqr6GB_3fnRaCc0oUmQxwQ0r8BWuUjT7Oa7o8yDGcnDw1cx2jL3d01z0t_AxhvHuyW_fDKuKaNB5SlEyLN2qSvHRAP-aT11VcF-t3DsEBqO8r2WTzmxe_4jBTzf7iSN1hhCExE8P9mQL-dlj_ErRdRyilqxfpTZO_eMz-JIo0KZONJF00L3rSTERThK3_EfBNYbRTXLYf7AheFc8IrpE-LNRA97XwoCgI-DRLZRy3zUhp3TGqwkT61ZV0IzfQC66O4Lk_gqI58UOtJRy8tnPdB3XH2syzoxb0NQ15d4M1ISST2kJfF2sRboYpdaPox-LvSTWRtaVpl1IsTjvY4_BRLc1SUBhl8ySE3wcBY5dD3D0hpViriumh8tZSoKN3NdlqQhn7lgUTuRFV0gVx1YlSyHX3ydRGMUBAmZZdFf3ZvUKwZDqg9r6AaeZtYkj2bYRIylYtHIlTtCXQa0cL0UTrE99SBQjqY-SXvYbW0ZL8_OZBSKOdt9cUYDe5PtHTAGlv36bdAdyedVgDGxBV2OgOCtSedqAeBoN6t3kHQaSES0gtAx53kJ4AUoSDBbss6j_9AP2O5Iu_e8yCEt0riw5pT8BF7vIRkfeAYe_Y8O9I8RgRF2E4IoGNmBvmmSmG2OuM05b8Xi3yat_UdFujVrykZvy1ezCn_Yiao6yHbn31f8kqgZUZ7Q&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
11365344273383678206
s0.2mdn.net/simgad/ Frame 59A6 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11365344273383678206
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a1e69cda9af4f31a3cbb4f3c2ff7aae63a034d603d9438a72da94369ee88387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:41:53 GMT
x-content-type-options
nosniff
age
408302
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92261
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 12:54:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 08:41:53 GMT
generate_204
tpc.googlesyndication.com/ Frame 3371 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?I255OQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 844B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
19186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Oct 2022 20:47:09 GMT
etag
48472445140208031
expires
Sat, 08 Oct 2022 20:47:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 656C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
100228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 22:16:27 GMT
expires
Fri, 06 Oct 2023 22:16:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 59A6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c117d008d63822c6150195fc1a4c2600289e74e33df9ee3327ec96aad6646070

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 844B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1N5dmkyeVAxT0daZVQ1&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&google_cver=1&google_push=AZmPxg9LTbtUBgzBWxrxyBgjFYs3_c0dn9CKuw6vcigB76K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1N5dmkyeVAxT0daZVQ1&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&google_cver=1&google_push=AZmPxg9LTbtUBgzBWxrxyBgjFYs3_c0dn9CKuw6vcigB76Kn860w8r23TLlkjFJNVr3QnK_AYp-h-p7O4S6KlmgPbSJ2omqJQ2iH
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 Oct 2022 02:06:55 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1N5dmkyeVAxT0daZVQ1&google_gid=CAESEA1OY8pvEwpTkjGKgQEbmLg&google_cver=1&google_push=AZmPxg9LTbtUBgzBWxrxyBgjFYs3_c0dn9CKuw6vcigB76Kn860w8r23TLlkjFJNVr3QnK_AYp-h-p7O4S6KlmgPbSJ2omqJQ2iH
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 844B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIhyQsLGwHFXDEVcV5unoEE&google_cver=1&google_push=AZmPxg_eKaxo2ya7A15wid4pYIaf-LqYcoeQT6HrV7XdMe8ZncPyYzG2VJxlAWqIckWolImK0YnRcUWZhOCMKg5dT0H8hky2mfE
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 844B
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECEkOZJjU7l8ChTS3-L3xoo&google_cver=1&google_push=AZmPxg8bpr9okq_4K-Ig53uLWBiUUJZQBckSIz_s1pTgPJ3PGSFn1q-_hga8m_X4zkmWBfNK2R0U8Xjx-oR...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8bpr9okq_4K-Ig53uLWBiUUJZQBckSIz_s1pTgPJ3PGSFn1q-_hga8m_X4zkmWBfNK2R0U8Xjx-oRhbXl1OfmvkXAYyCP_&google_hm=SSIeFMntRHKcFWhUzjBpWmw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8bpr9okq_4K-Ig53uLWBiUUJZQBckSIz_s1pTgPJ3PGSFn1q-_hga8m_X4zkmWBfNK2R0U8Xjx-oRhbXl1OfmvkXAYyCP_&google_hm=SSIeFMntRHKcFWhUzjBpWmw
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:54 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8bpr9okq_4K-Ig53uLWBiUUJZQBckSIz_s1pTgPJ3PGSFn1q-_hga8m_X4zkmWBfNK2R0U8Xjx-oRhbXl1OfmvkXAYyCP_&google_hm=SSIeFMntRHKcFWhUzjBpWmw
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 844B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECidmUoTR-Pwth_LnPfTNeQ&google_cver=1&google_push=AZmPxg9n5WYKQQbAaVQaR6sEwG7Fo8-rHp-nq63iSKT_dmlFHCRmtv-Hb4Dw8ZJSqvzyUMab4SN7cBOTlGvyYxYg...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AnOqZ9cGQ2eeJr5MXUG8pA2&google_push=AZmPxg9n5WYKQQbAaVQaR6sEwG7Fo8-rHp-nq63iSKT_dmlFHCRmtv-Hb4Dw8ZJSqvzyUMab4SN7cBOTlGvyYxYgBGiC2ui91WU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AnOqZ9cGQ2eeJr5MXUG8pA2&google_push=AZmPxg9n5WYKQQbAaVQaR6sEwG7Fo8-rHp-nq63iSKT_dmlFHCRmtv-Hb4Dw8ZJSqvzyUMab4SN7cBOTlGvyYxYgBGiC2ui91WU
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 08 Oct 2022 02:06:55 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AnOqZ9cGQ2eeJr5MXUG8pA2&google_push=AZmPxg9n5WYKQQbAaVQaR6sEwG7Fo8-rHp-nq63iSKT_dmlFHCRmtv-Hb4Dw8ZJSqvzyUMab4SN7cBOTlGvyYxYgBGiC2ui91WU
x-host
tde-deliveryengine-production-b869b47b-6j5cf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 844B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP6KHEskeqzbOlmGMdRA42s&google_cver=1&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2aImgeG...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEP6KHEskeqzbOlmGMdRA42s&google_cver=1&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329522593380284&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2aImgeG963TH6t4&google_hm=iBoSQbA8SBCdjT_K2H5adQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2aImgeG963TH6t4&google_hm=iBoSQbA8SBCdjT_K2H5adQ==
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_W0KTPRgR7QMbr4FZ3Jjuhn4vdZxX9le0BzA14VqKMjh-4bXCQgX752yi8z4s28QfUyXRabsfApk6zH2aImgeG963TH6t4&google_hm=iBoSQbA8SBCdjT_K2H5adQ==
Date
Sat, 08 Oct 2022 02:06:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 844B
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELZnzyWk9E4cy3Pes6XrgYE&google_cver=1&google_push=AZmPxg9yaX8AiEW0FNtEAo4xVqtlcfIdLPfVOaFV03sFIxoWg7SrgbZ9QlHsNqrmfXkinVjlZddAvF30tFuoeAyh...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9yaX8AiEW0FNtEAo4xVqtlcfIdLPfVOaFV03sFIxoWg7SrgbZ9QlHsNqrmfXkinVjlZddAvF30tFuoeAyhl0ghrq_3_NAS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9yaX8AiEW0FNtEAo4xVqtlcfIdLPfVOaFV03sFIxoWg7SrgbZ9QlHsNqrmfXkinVjlZddAvF30tFuoeAyhl0ghrq_3_NAS
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 08 Oct 2022 02:06:55 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9yaX8AiEW0FNtEAo4xVqtlcfIdLPfVOaFV03sFIxoWg7SrgbZ9QlHsNqrmfXkinVjlZddAvF30tFuoeAyhl0ghrq_3_NAS
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
nidsdtrCQQ7t7IbVry219Ncj4ROuOjqVPwf_6abcmeXHKy6eUXVxTQ==
pixel
cm.g.doubleclick.net/ Frame 844B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-dce8367e-243d-4380-b1a0-a26ac71f9021-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8ZH7ICLIU2RNiGmaK_y...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK&google_hm=A9zoNn4kPUOAsaCiascfkCE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK&google_hm=A9zoNn4kPUOAsaCiascfkCE
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ZH7ICLIU2RNiGmaK_yDzHV9-MxLQnFpi_bXxwJ1U_DBOdbHfGjD1yF9QMSUf-U7BgYFCItNLeITUKq7w960UQxawg7SZK&google_hm=A9zoNn4kPUOAsaCiascfkCE
date
Sat, 08 Oct 2022 02:06:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXdce8367e243d4380b1a0a26ac71f9021003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 844B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I01jKSQ5O3HJi62QmkUc0nboPTx4TBfsPetzIMPlC8e-f5jdZHTzoql5zh--N-gLECvO6U
Requested by
Host: 4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
URL: https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame 656C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 15:57:05 GMT
ic5.php
data00.adlooxtracking.com/ads/ Frame 59A6 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D7%26scriptname%3Dadl_57%26tagid%3D529%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom1area%3D50%26custom1sec%3D1%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=nmp&campagne=57&banniere=0&visite_id=56132646505&seq=0&timezone=0&js=tfav_adl_57.js&date_regen=2021-12-14%2010%3A16%3A28&plat=7&tagid=529&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=9295572&id2=27377933&id3=330734833&id4=5325044&id5=167969499&id14=%24ADLOOX_WEBSITE&id15=display&id20=614b730&p_d=0.029&d5=418&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fwww.rbc.ua%2F&ao=https%3A%2F%2Fwww.rbc.ua&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
02cff5503cc397bd97b4f66065c8096550302a012d15c03cf936cc1566862439

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:55 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-8pp79
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 59A6 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwfTVZBYYxGj0-8Z553i0-34i1-MVIZqzKyKujj_bRRCB8-zdYWTrjfIIzU0rv-u4wTDYI9IN7hkjzdgBr02mVDLeBqX9askY4NL_E4ixwva1bOLywiQjvyN0sCLSTL8wJBBcGB-ZqcJCSnYEnkzgTabiNwmxyFHeBsNv_-Ysrb1xTv7VIiYsElQl3M47A82L61FVYtS8m7HzzkoPIyPj-0hI3b5CF-q3NTsVTLmoefYhlwm2ym-Ie0mTM-R-UlD2ZTINuASWnNWkiC7RjaaEgWvxNS3sHEGs55BWIa3q6EPodzFLKunWWpfKlO81IpvHp2OSuFAsXGYVd1_877RTiDe8X_lcc2A0ycpyRUZ3ccveq-eKyeibPo7stYipcNWBHwqbEjqkPUZIroXA3qw3tabPOYyh6n52zM2wuAwswL1ZtL5WOcR6iSJ6VWQiiioymTOi8O_qeYnP_pSxx8BLk3nxkl9oAODje_zIu-mesEuAMUm23x-3Oe__Q7C2OrPZ6H6hNTYRzs9cZZPvmoxT2yR5w6b84ITgWXk-20QS30b80hNbXDCTPtEaIHLaqijgiLBA8HsFb1LsNK6YQsR0z4Zibc1vJZZXUS2raWIB_QMUjVwkveAtIisgXXVoLPzFTYxoGm9SGJk4ujI8_Lg3E3y2HvTulvjD6FTunBM_3P5UW3-nWu2K0tjiG0RVfgSW6wK6kLBGZEYBYjaaPb2YkVmUZIvpDo8UR5h58Do7z7Y10p_GN8XZoxiJWABMieMse9dSUkq-oJcl6ikgpBi3I-8fWGLTemywPSpVFS1o9u5EtkMeKjcWykmgjxy5yE_Bnxa8ZITA7jwkshUF_GE7F3rG5Vl9qbjJ1dKASG4uFn9fpihW90Cz5vo7gdpUBdUguHQsq1rqzpk1l745dy7jqpg0un6lbzV0FxyIEd-eWQ4tI73Fkl4QeCPjDcz2Hhf3eixDs4OZEHnPtF_z6iImDO-7iUdpQLijzAjJ-jA6ZE4B3HsO-yHS15Vv6aRZVqZRnJ2m23FpKfgALaSqpQJZz6fc1ZnsYwKdmRJ_cZ9NjJIMxDl4hAOZJsb3-XjvZ3erh4ZyMF5t-URLjR0JIAWOaGOpABuWNtYp4YB3dqu0TLt_uxc9YM9oeXQOJWjJB_6bqucbGyggNFfN6I7kGAYN81uagzmBT3YnOtJMhjoTQN5defts58lhDP6Mn2XF0l-6oMyIuDzzx0sHEYuZCb7zmBydVjy8TEK2198o4amP4pYMp3txocejOx-BJdKweoetjZWnVZGc0ptKutBft3-aOCft7aKSoxcHVZfIsjzDAsFONWUEdi-e5KzDb&sai=AMfl-YRgkqT2cUYJszEdMoEVqQZaplW8QWIS3j-tsj3npaShYs_gbsaA5qRjYq4cuojnd-MSHfVRcuDfzOHskk5udQq7lemVbJt2ctr6kLAmVfTJ1_uHMRYP09lsl668enWZO7GA8I_tJ4SrSCtcikT0EDu-sAk0o4hwyIq90ltQ5Z8y6AqNrub2hDOSFF5bVVqDSLnq72-qNhwavBxnb-AT-EYzz_MpNQ&sig=Cg0ArKJSzFmOlxj6PiNUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=226&vt=11&dtpt=225&dett=2&cstd=0&cisv=r20221003.85284&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbX8ioaVLbgkj4tpF05L7LLlkuYixv0HshJj7ufVKIhV7t7-aRVLptkvlQNf0cU0jLx2XuxERlaYpOr7P-Tbzg5Yg-TQ&cry=1&dbm_d=AKAmf-BCUtSmMhQ9pxuku9oo4ZHZRvZNwH5FTRBHCb1L4t2lgUkK3BHfXP869Qfv5nehuEJdB0AfAt5NUzEUJ48AZFr05q9tgokvvSO9vXn_TiJoCSgmnlUAGzjwphKLbd5cF058S97oohX-kvmyEplX5eofPpwGVJrLwCUSoDkdS5PX8lO9jUyjRBrJF82hHTK5exNUT9BU-3hvfL6o8AXhACvF9g7n7koLjndOBz-qV35Sm-1Ab0IamxtqRVW25ocZQRyZ-jjRUt4CvP_9r1KXrMufJZ7KiIWSzZ5ekZH_xIhJ4rBIn--amoQrx17IXcIA7-7Wa45Yw4K8jk0QjKcP3tqWbQubX8pDKAXc8jGaeiqsQbtwZrSLr2AVowz1qjtdQ9l48PJT1aIrY4qHDZDtbKeuUCnlHHcgZjvHSFSUlHjDBTBo2Ho1eva4uOC-kzOiiKlne6mLKG1FJtj8Q1HLzKNhXiyU0TKcEMx6TZvK66bD3vRSqMT5Vw3VxAOHEcTRaEuzeIRe40WHZEFR--7584F0m_9THLBNDv1VRAw_YkmvxyZ7osH-mFfBYSRooR5ZffT_MuutZZWUEvSvoheUvnaKuEx3VEGnEW-Y1M27u7SujZ8YagxhmVyQlJt3Xk5Y7FRtTf0ybKJwHnk0Wds9UayL0zU5popA7gft62zTxCZ9G4jxZ2HkvtCoJ5-E9XjBw6-71YZD7VOuYZ-636O9Otvov1XMj4tfTOBTrR1jkDD3_1m9vm4ZAgpAfinrlqR3CqCSFX2HH7vQYJ-NhKS_ex2x_BC6DT2gvPu9TKCcExf-QDm0vuRX5YXMQZFvfZAvtSbwrcK46INvnDmqVUWJYtzXyWSsOK8b5BWhIfpD4sk09mtCL5ywIS0cuxFFE0nzZjr3lYhrutmeUYyjtq_51PqaiioMxmgDX79bwvH6E3s3BTVy8AoHKGjprmf54lykWOmjUEDUo8Awr4l66TSHGl3ujCBAKy3lOxifETEkJO3mM-NMgfpEKfkPS8mrwYfH9EPuUbHAjLPRYCUnTupKrU3O7VHZUEmtSoTjlF5M0boFlDAiRSpXfvUu-rMzaxLwhf1AI9of4QqgiW9MrUgDlsqsHnohZAS9L0gkD0B7R2zYgeZCeZ2ZZBJSsn9mlhMl-5gJcKMrziTmt0drfBxjiPACuVKa72WfWjd88QFSDmESIxx23W4dja7mKNkshO3xq7O8g2jHdO24R28b2svliX5p73oEas719zK6heJSUEra9hxYceSbIX5YUi0bcAGOYjKTMkLwjIDf0c8h5wrxx88J-0lHbYz19Ra-AJHjMIULyRNBO7zSXWI1w60Ldd4PUOLx_HnoOxamHllyhBtRUo1KSSPfPhvy7a12w5k-ys68bv7iz6rw0e2EdOkfSxf_DGbgZIykuAVmLOKomVUL06Zkum9v6HhYAXhIaPXjZ6v35gYqk_cNi49VWmdIVf-XW6HcIbH4vUGdcaXodJC6_mb7J1gO09291Tfhpr7ASBUfLqWHpmFyiKwcTL537pbqWyXQZbfpUDRr4nv1zqy1DBd6nXEg2wuJvCTvjweZd9c-tG9rT1ASxnCeDgW2dXycJm84fus9_PmK4Jl9exd9R6r--b3IY4UvphtqcicmKOI0CvDUlHg8wgeOPAUWnmqnYLfSaTZpUTHQnd7EO37OahPVj32LqAFkP8PQaWPE28xlBFb67Dmq8AfshDF1oZ852raMjpVu9ttlju-LFNX0rTtRZEE-FwYPry_FK5Fbl7JgdqdU_kWzTqRsNDm7xvyGEQZIj4Vm2gl2Xwv4kZzuUJIaovhcfNQjG2OOyoR0ShIp1mRcOUpxegmJzexRS8KnYhbuIw0Ar57EakmCHhpF5I470lyOnI6wBbTjHU1JMnl_zHqQjEvuNTd9x-IC2scpl-apNnOKTEhoja0QtEYY9lFfJ0IEjnvy18j7X2fWgX5xpRS9cbKBrqNwoEskXCpWOzdN2jKHM_lQjsyvZTwdYRY2_dqHB_ovG3YuVZCe_VyCg3rmCNJ5r69TN19gNhqTpfUv7jVFioZvOTxNfpYDkOpTcQXUPHPfs6qZvsg3AAVYmMwUZYFRg_8VEfNkWDo8C9nCxElPqAakX9qsFrGgMCHc5BixygEVAyqiWm4_QssVw3dZ3fnU69i9m4kb4BNT3S3LbQzOFd5NSToLyYVsmMextk2ZGgTg069UWrnqe-ceaOQ0WSnmagvsANgt78konU73GL5pjKoZ0KLUkX9ypJgslgAoEJAU5CI-kJgp2vnoZmjNyeBwjrwz8m0WXwvohVGg6O8fHn1-WErkCKMYWWnzqBBi1jnTIe5mNBJRIuRaTY51kSLgo_uTCdVGaFGlUGMOT86pmWHUJy_PR-mTw6FStH7laxyMhXuANyLGkw-XJtXhAr-GHYDuOAv7-Uufm3krxfOSbpQlTvozuRvSl3I2WHeFSDSiwNT2GYQJ_asAEFF8TGNKZ4w0502l3DM7tp5yLXyrhMLxjydQRg9lX5RXeqXLq4J7Q3l5PsOqkj2ZKs1uoml8AYLZTQeMp7x-MoywwJgBw9ntu6wbHgDE2j-dKUFFmh2220lWfChsRUCqqZaGxVyTNlZGgFUw9fFGuKo33Bes9MOWwASxNO_IV5Wg9YiVF6LMIAgfQogGuoPYhydbFYZiA4JEen09cbumEMpWwVsrjWW6qMbwuSuyxSoyU918rlTgU1eAweHyGevX3waN3hjfRuEmkR1GumSLiXD7572a-HqwnrKaJlsmMwb1szVoaxI_-FbtK4gJJm6ABZ2yPQQbMqj7jrvJGWjkCLHI_FAYr0tN8jn5Sy4nhnnnqjkEyqnyrugviy4kfE2dn88ARHd6cybst9vtGNGF-7at3Qx7HRJ52Lt4-Ml9uTRAOd1-amPrMsl_i4Wikd3OgVmeMXzjMMXaSpcp_zRYe1CufcNEH8CpP08MRdIhjnJ680EJSei11foR1IhgeTbd1wN8MzhDpYMCh-ipi8_tXqr6GB_3fnRaCc0oUmQxwQ0r8BWuUjT7Oa7o8yDGcnDw1cx2jL3d01z0t_AxhvHuyW_fDKuKaNB5SlEyLN2qSvHRAP-aT11VcF-t3DsEBqO8r2WTzmxe_4jBTzf7iSN1hhCExE8P9mQL-dlj_ErRdRyilqxfpTZO_eMz-JIo0KZONJF00L3rSTERThK3_EfBNYbRTXLYf7AheFc8IrpE-LNRA97XwoCgI-DRLZRy3zUhp3TGqwkT61ZV0IzfQC66O4Lk_gqI58UOtJRy8tnPdB3XH2syzoxb0NQ15d4M1ISST2kJfF2sRboYpdaPox-LvSTWRtaVpl1IsTjvY4_BRLc1SUBhl8ySE3wcBY5dD3D0hpViriumh8tZSoKN3NdlqQhn7lgUTuRFV0gVx1YlSyHX3ydRGMUBAmZZdFf3ZvUKwZDqg9r6AaeZtYkj2bYRIylYtHIlTtCXQa0cL0UTrE99SBQjqY-SXvYbW0ZL8_OZBSKOdt9cUYDe5PtHTAGlv36bdAdyedVgDGxBV2OgOCtSedqAeBoN6t3kHQaSES0gtAx53kJ4AUoSDBbss6j_9AP2O5Iu_e8yCEt0riw5pT8BF7vIRkfeAYe_Y8O9I8RgRF2E4IoGNmBvmmSmG2OuM05b8Xi3yat_UdFujVrykZvy1ezCn_Yiao6yHbn31f8kqgZUZ7Q&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&rfl=1%2Chttps%253A%252F%252Fwww.rbc.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 02:06:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 656C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtKftP9tAY_W3CIyy3gPYsbWoDQAAAAA4AeAEAg&bg=!CQqlCk7NAAYQgTJdMIE7ACkAdvg8WiRe9yI54_K8eI-xr59bja1bbDH0QTHYxaIoLzZlsBBo3lBQ1gIAAABfUgAAAAJoAQcKAH8A6MJo24iBA7S1WXRq4eUyEQx6JykV8r003X4Ac46-3Zj0xrwuk8miu4P6khGGaqxY_vldI6ZyQXqGf4aBNVnIs8Ha5JpStoGtFiO89ZkaiFCRC-Z0LzKv3b_sAGkwD0hA2rymEQ_oTDdFHyxkRrZklUzdLIUC_AH1FhYMAgv5mQL5d92M-Uk6OyHUTa94b08Nj0huTfUR4WfY1aZfVhkkhoTyc0NgIgk4WfMLo6nJS_1UScY-vnBQrwNPkCX1SMTTiv8xp12nlUFTfncdf6odWs2xSRKGiYE-CaBCdgsWjpTizHtYpmSRxMERrVHj2CEByE2ZNrzY-onT4f5glbo8tF4sC0aROPLen8OXgaKjbf0SYSkrQonXDiUcwLHUVEFaMd91K1Ixck-J4PuTxVUzp20ObEKR6GEeK9dgKDjhfk7levC40eQvu_ysMtLQFP3x0ZzIpgscKHMJ4cposDUKqB2iXEpDTY-ctUfuw3b5m_jW2I9MNekfYzR72qShoS3VRvNXMnCW40JVHVoZpxAFqzBZSgMRXa4OfBgQyX3o6JzQnoA9PWUbxk_czS0DA-8SdkbysEij-2ItiAVdC2qmyBLWTQjfH0lIhaowj45ZR3tfPIZIBrJls2gn1_-_pCe59pZD7YUsG-EaEa4Pi7abD_oBbDqJZX7kwI9XU1sgkttMesdD7wFx_Cx72UptB3kpZov_PPD-28eIdLR2C8in9KBGQH8paqxaOJ0m-txWvhC480r-GbSMY4fTl9SU2pqib1cHpPmT5aE1WGP_6A6sKYvLHBKEyoNVbsazKiPeDTzhhPUMuAIAL-29NFDC-_ht64nBkbOvJItZq0xaEUkiICmGOLcQkg0m37av6VHXvF_kwc2uBWiQw7j85FIwoM2n-8V4Ypw97zZWhPJvpK_4uGdpVaxhFSJFiAYwkrDNUrwR6xqPsElYnUXByZhuGqEAmmC2K9Ei-WyquSwji1d6DuZ-XRcwXF-Jvqom04_7Dy2JOpgR4M-WlcdqbaEBtn1SaY_S2PyR0sVz45-vDCLicwJ1FYBuGV9S8Y3PbynXqM-Oj9SOAzS8nSt-rnv9Wdq9-sTrQr5_gcFYiM70f687FAvRxH0KoHA2QgTnIxohdyCC2aND59sRuYp3erWVGW17fHMkCvgSfzN4vX1Yi9dpinOY362xbRDGOP0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=2363470868012192&bg=!OjmlOX3NAAYQgTJdMIE7ACkAdvg8WrwVwinORpXaGGmOoUN2lY28WqCSnMIAnkQIxK9Zp3beYdppMAIAAABhUgAAAANoAQeZApaJLo4OkmEw3vlFKccyu6x4nyTE8XjO98LQx8Uc5tJrAjUqPa_XGnoc7HTn90Bnt3Pl5G1XvcVx4nhF7f-MRErPKV9IE6nO01Acfnm3BMiv7hh3ENeKTPyIU8p3A02pEpR5xHFC5jKoppMG6lja1gRkv7sPVcEUDdW0_bhKPoDcbWKy3jpSVu7DfWs9iVOSgs1WYXvi-1wYMdjnNq1mqulh6NEAew_f1UbfKl6KQpgOECHwgFWkiuinjljJUhYWieLPEmiyM-4JAniOUnKbvRNpuwJ5T6Rut4XRzomhdi3fDInEqQJg4DxM4VFF6bf4AaWg5IZDB8Iy3RT4JuJKYd1Q6f6JFzXLKn9uOl0tTtUY4NSgNE6W2P_mc72nOaxfp-gM5CUOz0Z5yMyViW_P6cVGEXr3QgdWoxffjqWuxdc9M24tUQIiDgDBJvJHV2Cp4pYzNunM_T229Svm-4-YoALrB83cMj73jLTKpr29AUGJVoRm4hheOAt7bkbtW2H1DAGV4eIi08LnFLFlC8iBzPs9Wsxl8Kpczg0MrYow4dIdNxdF9insOlXdr_4AOdQjJ-mkBeIVqSexAcPAQv7wV3YAp4ZHkvHYW36JEuyTXpSjEeKYSaEpXmMpbxWRLbvVysnrt1sZ6UK5FtyOntaoYiD_D9JpPUoFd8aitF1hBuODx0TQ2noEIq2-U9X9Y0B5Oi3HwngG5ml_6JohBf-KLMwbq5-pf01oTeKR9LVWwXI05IaQGIQL7udSxjD80jCwU6eYBqxvPsNzQF2s-s5YkC1xJ09OYj_QkEjWh9F-w6XzirMo-n9EsTkXWRwcteZlFgaA8mFXA8Gg-Ub-oAW-xK5HD-8XPQ4KfyXgTpDjarZrBA8RWmLpzA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.rbc.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 59A6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUxQE5ifLIfvNBMToixYoysEFskY6rYQAYfOQLEHIf3etry-gswM-CTND8YE0lCchsBV6gQ9x8TA2J3b7taEB19HVuN2cIPpKQUxn5VRlHMAAZOFp5fEtCoiRxijVoJqPrjWPuTg&sai=AMfl-YRJW_JSOatEK5hzpRG0WwH-7NEdtQTqYJoIki8bu8P3aeDHi75CjqnhuzsueCcFahdIu_zbtHJWkOGePNvuo6t-wfQ4l54vUyJ8soKKkOhNIaDMOBIWZc8c9SCe__g&sig=Cg0ArKJSzAA4eRhR5YCwEAE&cid=CAASJeRoPZPTxluposP_b5ofjGUbu6lMiBRGvWqEwbpQGFBGgOsmqOs&id=lidar2&mcvt=1000&p=533,1150,783,1450&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3409417865&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665194814966&rpt=483&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Oct 2022 02:06:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| clientIp string| GoogleAnalyticsObject function| ga string| rbcDomain function| customLaunch function| $ function| contentSlickCarousel function| setCookie function| getCookie number| dfpLoad object| googletag function| loadGoogleTagManager string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event string| rbcSafariPermission string| rbcSafariDomain string| rbcWorkerFile string| rbcWorkerPostPrefix object| lazyObserver object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt object| GoogleGcLKhOms

28 Cookies

Domain/Path Name / Value
.rbc.ua/ Name: _ga
Value: GA1.2.151563351.1665194814
.rbc.ua/ Name: _gid
Value: GA1.2.1253595991.1665194814
.rbc.ua/ Name: _gat
Value: 1
.rbc.ua/ Name: _gat_editionTracker
Value: 1
.rbc.ua/ Name: _gat_withoutiaTracker
Value: 1
.rbc.ua/ Name: __gfp_64b
Value: Opiw3ezJD0D4hAA5.7TrD0nHesE5Gj10XJFan9FxPV7.U7|1665194814
.hit.gemius.pl/ Name: Gtest
Value: KlGTlRGGQMQGqNvpa-jbxEsissGMXP8c25nSGY_B4en8XBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlGPGRGGQMQGqNvpa-jbxEsissGMXP8c25nSGY_B4en8FRxSG7RrGS6Gr9FBFlM2xgGPo1RGF8CBI8l8MG..
.doubleclick.net/ Name: IDE
Value: AHWqTUl5-lYT6OWEaJrxTJ03zbpTp2y0tpJ51F2JefXGvQCgFVkvrB7lTUk64zBJ9kg
.rbc.ua/ Name: __gads
Value: ID=f737253846fac6cd:T=1665194814:S=ALNI_MZ7jV81EyUw8rMebL6rUQ-JHiC0kQ
.adnxs.com/ Name: uuid2
Value: 3612116042166345395
.casalemedia.com/ Name: CMID
Value: Y0DbPwGyP7R-J2PvVslYnAAA
.casalemedia.com/ Name: CMPS
Value: 1212
.casalemedia.com/ Name: CMPRO
Value: 1212
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2InA>#uJ+!@wnfH8K6pQK`!5=E<*L5?%K@]$R+o>^15RjE2ACht'c]1pVHJC#!bDp$qP8%nugO%v4VB%noAd*8?jm
.ctnsnet.com/ Name: cid_49221e14c9ed44729c156854ce30695a
Value: 1
.ctnsnet.com/ Name: gid_CAESECEkOZJjU7l8ChTS3-L3xoo
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%220273AA67-D706-4367-9E26-BE4C5D41BCA4%22%7D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dce8367e-243d-4380-b1a0-a26ac71f9021-003%22%7D
.bidswitch.net/ Name: tuuid
Value: 881a1241-b03c-4810-9d8d-3fcad87e5a75
.bidswitch.net/ Name: c
Value: 1665194815
.bidswitch.net/ Name: tuuid_lu
Value: 1665194815
.w55c.net/ Name: wfivefivec
Value: KSyvi2yP1OGZeT5
.w55c.net/ Name: matchgoogle
Value: 5
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dce8367e-243d-4380-b1a0-a26ac71f9021-003%22%7D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZqaGliYWhqbmgCAFQcBosQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjK1NDa2MDCyMBHiM9QtKnY0T0t3NTM0NTIEAGHM8pUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjK1NDa2MDCyMBHiM9QtKnY0T0t3NTM0NTIEAGHM8pUlAAAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4730d58a90299eef86b487797695133f.safeframe.googlesyndication.com
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
cm.g.doubleclick.net
data00.adlooxtracking.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
j.adlooxtracking.com
ls.hit.gemius.pl
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pm.w55c.net
rbc.ua
s.ad.smaato.net
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.rbc.ua
x.bidswitch.net
142.250.186.130
146.59.30.100
18.197.134.247
185.80.39.216
185.89.211.12
193.0.160.129
213.19.147.44
216.58.212.162
2600:9000:223f:7800:1b:5138:8a40:93a1
2606:4700:20::681a:32f
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9b
3.120.72.4
35.186.193.173
35.190.0.66
35.241.31.249
37.187.27.147
54.37.238.28
66.155.71.149
02cff5503cc397bd97b4f66065c8096550302a012d15c03cf936cc1566862439
08cea27316fd2479e024bf25627efb4756f0e277f9afcdc7c34abbf40c12f2a6
0977e4169a0ecf59b4d8f488b6eb95757b61ca31222cc6b7eb8f47137b1c04b2
0a1e69cda9af4f31a3cbb4f3c2ff7aae63a034d603d9438a72da94369ee88387
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
1227c5ccf5e239153488648e9cd4d805af4260a069fcb7dbd43f1ed641a634e2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7
309a34e01bae0d7e20cf231fccda6582a03416c2c7c4c442aef19ceefd55c54a
3600d5d161593a066ed57bfa0f44230fd55d0fbf709e0517c7a30e69b4eef59b
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3aba64b31457450ed0fc3ed597675418551691f678e067d8705aa57d758d8e89
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3f1812a74374641914df57de47dd317dc5bc04fc1ea27d809af73ad947c7ff70
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52763887b3ee62de1b38cc69f9e495deec57566c9914cb5b7fce604768c05713
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bc6b53417d3153185f19efe6dd91614646cda8d8b71af3f3434c41144b83eb
575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59e7381567c22349042a07538afab4678196e35bbedbd993287c695b981ecd46
5d3a6da9f48321b3fe7201bdea2a5dc54a8b8767ed5be780f1fc7aafe4265dde
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6252221fb7de0ea6398c1b27b70ce45d2aa964da3c2fd51835db1b53dea39961
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
716937ffb0c161e895405bdbdf473baa7d9389bf56c35665dd2762eae3cd6e93
7522bdb73aef101d720c307f2d22d35cefa0c034aaae7b908c16c9322b02c9ba
7b060ab77d7936f01366713129755ab42a8a0d9dfeb36895c1de2f35b16ff92c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b5b7b749347914a655856a84ebbd73acddf7a2eec43733e04570decff287ae6
983e01efb541530c468e1facfcd20a5eb7d8858f637eb2410788c8144df40986
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16
ab69f842348dcfe5859c97a6cfd4792ab7f806418cdafc4e602c16cc20300c28
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16d47ed64568d693f127ea82b50a49057826754f5c571757dcf1e5f11f63676
b413c731a49f264ef643191cb853b04bde53cfb095554fec018ccc1af919a42b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93
b5ea6aa76900136ed243cf3076d034e4753f56b010f20aa5996d089adceab008
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
c117d008d63822c6150195fc1a4c2600289e74e33df9ee3327ec96aad6646070
ca4edd9af57d58c1f381a3cd03d5d49a89497d1e6f5ef6a96cb156321a44ef83
d36253140224d3e65922719329cba306a98af2154419ee3b571399b1ddc0bdf9
d5951a2ded41941bf6c00b9866ce72f6d5301b48c4aa9938d6be734f7044b9b9
d6b917f157bfb62bac7457644f5e973c44a310d99508a0c22d2021411c244876
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f1924b1d27feb56f3a7ce3cfd3fbeea440f75797e480ee39f73fb1f227a0f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63e304ec909a252c22d5bb42f34d957b49b1b01a3f9d0a39433f0a409999572
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72be510bc5d22141547745a87e36d2f30bdf5e92c20a5f2ae873f861e358086
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f867278377c5578383d4d5f7650fa21f7373b063611d392178b774c3867a34da