www.rbc.ua Open in urlscan Pro
2606:4700:20::681a:22f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rbc.ua/
Effective URL:
https://www.rbc.ua/
Submission: On February 12 via automatic, source certstream-suspicious (February 12th 2023, 3:13:10 am UTC) — Scanned from DE

Summary HTTP 124 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 21 domains to perform 124 HTTP transactions. The main IP is 2606:4700:20::681a:22f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rbc.ua. The Cisco Umbrella rank of the primary domain is 216160.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 12th 2023. Valid for: a year.

This is the only time www.rbc.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:20:... 2606:4700:20::681a:22f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c1b::65	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1 4	51.83.200.186 51.83.200.186	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
2	34.249.210.67 34.249.210.67	16509 (AMAZON-02) (AMAZON-02)
4 11	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:f000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 1	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2600:1f18:1ac... 2600:1f18:1aca:4282:4411:386:33a0:3439	14618 (AMAZON-AES) (AMAZON-AES)
2	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
124	28

15 2606:4700:20::681a:22f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rbc.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.rbc.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c1b::65 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.200.186 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-51-83-200.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.210.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-210-67.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.180.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:f000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.142.19 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4282:4411:386:33a0:3439 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	324 KB
23	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 324	183 KB
15	rbc.ua 1 redirects rbc.ua — Cisco Umbrella Rank: 207624 www.rbc.ua — Cisco Umbrella Rank: 216160	204 KB
13	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 697 static.adsafeprotected.com — Cisco Umbrella Rank: 558 dt.adsafeprotected.com — Cisco Umbrella Rank: 526	100 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	289 KB
8	gstatic.com fonts.gstatic.com	101 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 532 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 433	4 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 64525 ls.hit.gemius.pl — Cisco Umbrella Rank: 12991	22 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 209 secure.adnxs.com — Cisco Umbrella Rank: 424	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6186 adservice.google.de — Cisco Umbrella Rank: 8804	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	20 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 708	487 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	75 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10894	1 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 323	460 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 298	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 741	709 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 583	540 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 842	598 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
124	21

	Domain	Requested by
21	pagead2.googlesyndication.com	www.rbc.ua pagead2.googlesyndication.com 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
14	www.rbc.ua	www.rbc.ua
11	s0.2mdn.net	www.rbc.ua s0.2mdn.net
11	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
9	dt.adsafeprotected.com	6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
8	tpc.googlesyndication.com	pagead2.googlesyndication.com 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
8	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	www.rbc.ua 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
4	gaua.hit.gemius.pl	1 redirects www.rbc.ua gaua.hit.gemius.pl
4	www.google-analytics.com	www.rbc.ua www.google-analytics.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.google.de	www.rbc.ua
3	stats.g.doubleclick.net	www.google-analytics.com
2	googleads4.g.doubleclick.net	www.rbc.ua
2	onetag-sys.com	1 redirects 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
2	static.adsafeprotected.com	pixel.adsafeprotected.com 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
2	6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagservices.com	www.rbc.ua 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
1	m.exactag.com	6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
1	secure.adnxs.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	match.adsrvr.org	6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	fonts.googleapis.com	www.rbc.ua
1	rbc.ua	1 redirects
124	35

This site contains links to these domains. Also see Links.

Domain
daily.rbc.ua
styler.rbc.ua
travel.rbc.ua
coronavirus.rbc.ua
auto.rbc.ua
realty.rbc.ua
t.me
specials.rbc.ua
marketing.rbc.ua
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-12` - `2024-02-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-02-10` - `2023-05-27`	4 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.rbc.ua/
Frame ID: 2799E737DA2C2FF538ECD98807AA524A
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 669251C9B5219A73E3BA66274837C84C
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 9F03E9A58F7BEF7AD1D543EC7284F034
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3325851766052018&output=html&adk=1812271804&adf=3025194257&lmt=1676171583&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rbc.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676171583586&bpp=3&bdt=332&idt=307&shv=r20230207&mjsv=m202302070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3043216034998&frm=20&pv=2&ga_vid=213842210.1676171583&ga_sid=1676171584&ga_hid=44637140&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072259%2C31072373&oid=2&pvsid=3711110687032928&tmod=1617384209&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341
Frame ID: B5F26734276AFB3A2CC519612B767764
Requests: 1 HTTP requests in this frame

Frame: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E85DEF3279E15A5B3A45D5D2A7D18164
Requests: 1 HTTP requests in this frame

Frame: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 89DE38752503B5B90E78EB2D17462A4F
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWiscX0GUgrmEfR0QF9K92pRZ5DSquMa_TNrDB7QJ6VE_8uuIVSmDxigJ02lRq9S06TBLSpy0BMbvGfHz3d7HB3tyQA0M8zlxep_UQsrTmdHeOmv1tpyFF-N5BPqFWVYszNXUtu63Ys33mTtV5R3P4ngexciHqCnl1eFoaXJwwCBDvWZY8
Frame ID: 4EAFE4424CC28130E5E60DF6537248B0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A968DB33B470B8E5DC3818657AA74E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EA9F6A16BF5686EBDF7A066AF1C68CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 87D1AA4ADF4485DAEA72CF9FEA7013FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 08F7E1A09E8C43C6A77526A7D3981E50
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6AB36D0B5DC6CCD471797FDC5104E433
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
Frame ID: 20C53D99437AB4A7A74BD7A2FCEAC754
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: F464497D42D1BEEDFA9F6B7B0EE7F0A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини - Останні новини України сьогодні | РБК-Україна

Page URL History Show full URLs

https://rbc.ua/ HTTP 302
https://www.rbc.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

124
Requests

91 %
HTTPS

53 %
IPv6

21
Domains

35
Subdomains

28
IPs

8
Countries

1325 kB
Transfer

3277 kB
Size

18
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://daily.rbc.ua/
Title: Daily

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/
Title: Styler

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/
Title: Travel

Search URL Search Domain Scan URL

URL: https://coronavirus.rbc.ua/
Title: Коронавірус

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/analytics
Title: Статті

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/interview
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/opinion
Title: Точка зору

Search URL Search Domain Scan URL

URL: https://auto.rbc.ua/
Title: Auto

Search URL Search Domain Scan URL

URL: https://realty.rbc.ua/
Title: Realty

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/zhizn
Title: Життя

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/persona
Title: Персони

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/intervyu
Title: Події

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/nauka_i_tehnika
Title: Новини науки

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/tsirk
Title: Курйози

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/sport1
Title: Новости спорта

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/teleshou
Title: Телешоу

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/kino_i_serialy
Title: Фільми і серіали

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/voyna
Title: Війна

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/nuzhna_pomoshch
Title: Потрібна допомога

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/author
Title: Наші автори

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/novosti_aviatsii
Title: Новини авіації

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/ukraine
Title: Відпочинок в Україні

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/abroad
Title: Відпочинок за кордоном

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/putevoditeli
Title: Путівники

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/experience
Title: Особистий досвід

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/weekend
Title: Вікенд

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/columns
Title: Точки зору

Search URL Search Domain Scan URL

URL: https://t.me/RBC_ua_news
Title: Читайте нас в Telegram. Підписуйтесь на наш канал

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/author
Title: Наші автори

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/show/buduvati-popri-vse-komu-ta-k-tse-vdaetsya-1669110532.html

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/allnews
Title: Ще новини

Search URL Search Domain Scan URL

URL: http://specials.rbc.ua/
Title: Замовити спецпроект

Search URL Search Domain Scan URL

URL: https://marketing.rbc.ua/
Title: Дослідження ринків

Search URL Search Domain Scan URL

URL: https://www.facebook.com/www.rbc.ua

Search URL Search Domain Scan URL

URL: https://www.facebook.com/messages/t/www.rbc.ua

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rbc.ua/ HTTP 302
https://www.rbc.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://gaua.hit.gemius.pl/_1676171583831/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hOOAb1Z4lZUe.c1PAFhd.1QT45bontvV68av57SrZHH.27gJYSnSDcMOICFCBJzs0.h.nq3s5DzhvJCSe9ZmCsShpJeG/KAMHHaDr0fgWS/&fpdata=J2B6dALwnkr6FnVZxCxBjS72yHiqmtFcYqt8gMHGbZf.l7&ltime=165&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63e8593f2799b343&brts=1676171583&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1676171583831/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hOOAb1Z4lZUe.c1PAFhd.1QT45bontvV68av57SrZHH.27gJYSnSDcMOICFCBJzs0.h.nq3s5DzhvJCSe9ZmCsShpJeG/KAMHHaDr0fgWS/&fpdata=J2B6dALwnkr6FnVZxCxBjS72yHiqmtFcYqt8gMHGbZf.l7&ltime=165&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63e8593f2799b343&brts=1676171583&fpcap=

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1

Request Chain 68

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.hZQGw7EKPfCCNvlQDBzgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1&google_hm=2

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL4dDOS-YcrYFYRd7LzTMgk&google_cver=1

Request Chain 70

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D

Request Chain 86

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENnE5agS8kmF6eBbJDFo_3o&google_cver=1&google_push=Aa02lx_vsNub1FaoHcVbNpaepSgISgZLTS2IOhiO-Q3xXIqpTBYnAvtJV9k3WpjMAKSXtgPR1mR7u9UXGctAbn9KE2LCE_gtJBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENnE5agS8kmF6eBbJDFo_3o&google_push=Aa02lx_vsNub1FaoHcVbNpaepSgISgZLTS2IOhiO-Q3xXIqpTBYnAvtJV9k3WpjMAKSXtgPR1mR7u9UXGctAbn9KE2LCE_gtJBQ

Request Chain 87

https://um.simpli.fi/gp_match?google_gid=CAESEP40CBMOL9BiSTB362OMATM&google_cver=1&google_push=Aa02lx-D3ntm6x_LtxBCJ_tm670uNxiA6RPou6EIe4AoFOr_AY-OoLjZN9UHLlGuV_nuR46M9IyWUvT-kPCbF7u1qs14IopHgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D9493A1258F4C7DB168297D0311B7FC&google_push=Aa02lx-D3ntm6x_LtxBCJ_tm670uNxiA6RPou6EIe4AoFOr_AY-OoLjZN9UHLlGuV_nuR46M9IyWUvT-kPCbF7u1qs14IopHgA

Request Chain 89

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDl2fDDLKF_wYVCv9kA9DU0&google_cver=1&google_push=Aa02lx8pBtzQRos6yZOKHUtTHaqr6V1aPtMlfeGQ5Sh5YfH8HhXADmnr8zaSgGkdcSNEdysYHBeUd3hxQqMVNJPp0O_0j52SoWY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEUwVEE4SjUtMVktOTNUVw==&google_push=Aa02lx8pBtzQRos6yZOKHUtTHaqr6V1aPtMlfeGQ5Sh5YfH8HhXADmnr8zaSgGkdcSNEdysYHBeUd3hxQqMVNJPp0O_0j52SoWY

Request Chain 90

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJDGNWQLlvynH-ReC9omuNQ&google_cver=1&google_push=Aa02lx8sxJK5jw3t9-x6TmN_m17UwTGxznJJF6xwbGIjDlUK0-LAim9sebGFrVydQ8r1a7kXvSLObFpswgnV05QgZy6cjjvFvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJDGNWQLlvynH-ReC9omuNQ&google_hm=Y-hZQGw7EKPfCCNvlQDBzgAADUIAAAAB&google_nid=index&google_push=Aa02lx8sxJK5jw3t9-x6TmN_m17UwTGxznJJF6xwbGIjDlUK0-LAim9sebGFrVydQ8r1a7kXvSLObFpswgnV05QgZy6cjjvFvA

Request Chain 91

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECPckpwF1SC0SCgma38HaSI&google_cver=1&google_push=Aa02lx9CX9RUDe58wKeZwCY4Xn5n5ls88J1dheahEnH0I_6bZVoblaGPOY6UuFaqtQ1Rv4FZlqRJLPUiH156ZEtryPEtEMeY2Xn8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9CX9RUDe58wKeZwCY4Xn5n5ls88J1dheahEnH0I_6bZVoblaGPOY6UuFaqtQ1Rv4FZlqRJLPUiH156ZEtryPEtEMeY2Xn8 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 92

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOCoUp9qtKLuK5ATC6R114g&google_cver=1&google_push=Aa02lx_y7VF4MlZZtKjx3Q4etL83UnBliel2Y8H2h2O-bTq-n2ADuHVGys-5Eo5-90a7h9YAnqV8gJ62xNbut2WxfXRqUY4TOLAU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D&google_gid=CAESEOCoUp9qtKLuK5ATC6R114g&google_cver=1&google_push=Aa02lx_y7VF4MlZZtKjx3Q4etL83UnBliel2Y8H2h2O-bTq-n2ADuHVGys-5Eo5-90a7h9YAnqV8gJ62xNbut2WxfXRqUY4TOLAU

124 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rbc.ua/
Redirect Chain

https://rbc.ua/
https://www.rbc.ua/

170 KB
49 KB

75ms
60ms

Document
text/html

2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faa6a9a0e33d5fb21615db43f511620592e7ca57e065748b9720d878f8b89612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7982256afd1b360e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 12 Feb 2023 03:13:03 GMT
id: 2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5WzS0sGcOKQUtxYZporh0Nllo8pfH%2FsjGh7HdCprRPwV6q9tH2t6fjZkHgeyZL9g9AnrCwH939FpUye2%2FFI4rTewIuVL8GhdQXKwoin3rKwvNt1WMy1cLyuqaDGWFNnePc2x1Msrak%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-cache: HIT
x-page-speed: 1.13.35.2-0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 7982256aad01360e-FRA
content-length: 138
content-type: text/html
date: Sun, 12 Feb 2023 03:13:03 GMT
location: https://www.rbc.ua/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u72ZkdHrfJgqvLLZs39dbYnptDcz%2Fw2e%2Bks3PUnKxmymMncK3m8choGivj88XeSbSR457sXpAUat5obKDAvRiR7WuYVBQ7vpDgM6YyJU06QBgmHGsCyLwTQnAqZxvucTFykPeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 188ms
71ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5951a2ded41941bf6c00b9866ce72f6d5301b48c4aa9938d6be734f7044b9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Feb 2023 02:17:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Feb 2023 03:13:03 GMT

GET
H2 200 big-logo.svg
www.rbc.ua/static/common/imgs/ 5 KB
2 KB 22ms
22ms Image
image/svg+xml 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/common/imgs/big-logo.svg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941823
last-modified: Tue, 26 Jan 2021 09:25:46 GMT
server: cloudflare
etag: W/"600fe01a-14f5"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kps%2B87%2FtnBJclhtGccY1PtkQFagRc9ZnXqbcyDDC9HxkkhZVrxgbaLpV0%2B4f6Ie6zHopekC0PshuQgh2a%2BEnIYFV1SQX88P19iPJJldOIYRAM2wUX%2Bx3uyw9kGwUWdH%2Fqj7qlM2p1OA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7982256b5d3d360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
18ms Script
text/javascript 2a00:1450:400c:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::65 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Feb 2023 01:49:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5037
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Feb 2023 03:49:06 GMT

GET
H2 200 upd_2_ukr.svg
www.rbc.ua/static/common/imgs/ 5 KB
2 KB 25ms
24ms Image
image/svg+xml 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/common/imgs/upd_2_ukr.svg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52763887b3ee62de1b38cc69f9e495deec57566c9914cb5b7fce604768c05713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941674
last-modified: Tue, 26 Jan 2021 09:25:46 GMT
server: cloudflare
etag: W/"600fe01a-12e3"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMqmVr3w9kHIO1IdFz%2Bamkrc8cp4L4mWV0bM%2B6e6Xdry6C9eu7%2F9rcWxUL8M7om0bltdh6KLR0weH5dGIgsKd3BXf7DO7RrdpV4XlN32utDLCaItg0l5h2U88PjFosy0VgzdpVqEFU4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7982256b8d4b360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3j0a6335_id55505_1300x820_4_650x410.jpg
www.rbc.ua/static/img/3/j/ 26 KB
26 KB 22ms
20ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/3/j/3j0a6335_id55505_1300x820_4_650x410.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5786976ca54a04d8a4a15d3dd6a6c3b9c79226a459959fd24a42c5e221c5a2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
content-length: 26200
cf-bgj: h2pri
server: cloudflare
etag: "63e7d92d-6658"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dsv1oBEENhnJsnfonGVfsc47AD65EOm7USQkUGEU6vxKcuJ79GmR3b4JCLUhMokj2KiPs3qqOE8WcBOblhzqxKjxBOj%2FecMTaMDLF6OXYZ2qeucTiZTrVfZT1LKdNB%2FtzZHEwUh%2B4Hc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256b8d50360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dscf3279_id86691_1300x867_18_300x189.jpg
www.rbc.ua/static/img/d/s/ 6 KB
6 KB 23ms
20ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/d/s/dscf3279_id86691_1300x867_18_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8848de9cf0a1559226eb7e721f9102fc885b6ad457d4061ecb05eefe14cbbf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22454
content-length: 5635
cf-bgj: h2pri
last-modified: Sat, 11 Feb 2023 18:44:36 GMT
server: cloudflare
etag: "63e7e214-1603"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjQhsQYrnF83yPNd9aVYLLv0PQAsssFc5PfrWEo2qOAK%2FJYA79vP513LJV7uJ%2FDzl2AZhDA3i1pjcm2MK5TvGlXM3cSCVm2fgresj5JVzEG4p1FrCocGC3LxVkHQStL7Rylci18LEiI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256b8d55360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _zaluzhniy_golos_com_ua_7_300x189.jpg
www.rbc.ua/static/img/_/z/ 12 KB
13 KB 27ms
24ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/z/_zaluzhniy_golos_com_ua_7_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42bb42ed6041810abb44416c044cd5534528f113fb58f8eed3ee7452e63ea88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35689
content-length: 12543
cf-bgj: h2pri
last-modified: Sat, 11 Feb 2023 14:58:14 GMT
server: cloudflare
etag: "63e7ad06-30ff"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVsiZ4yqBqyyd%2FgunEp39MpqBqq91ZFnNmFMvSnL%2F9paOcudrw9fQ7c8yjRn6lSkv4xV5KrlC3ALMFfYCj6gs93SWe2udfb8s6zrx4EncuHQ9wdTbCPRdvEU7hZQ7CQgH6UWfUXSQFQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256b8d56360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 111_618_300x189.jpg
www.rbc.ua/static/img/1/1/ 15 KB
16 KB 24ms
22ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/1/1/111_618_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a407a25c88eaa1df18f1f229f0a479d762de5b9ec19f14c8a120d44c4546c5af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30627
content-length: 15233
cf-bgj: h2pri
last-modified: Sat, 11 Feb 2023 17:58:39 GMT
server: cloudflare
etag: "63e7d74f-3b81"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIPqiSY83OiyRj64cxGssyzLm8WnpUhl7lizi5YPGXEoffsOda45pWRCuf3m3%2BpYDTKXcfXbrKckAJ2T0fV7%2B6ndCgRREQIBnTyo35NTkd9amppZWve2hSGXqKms%2BGobjgzHgx5NFNU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256b8d57360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _viyskoviy_osin_avtomat_gettyimages_1244197193_3_300x189.jpg
www.rbc.ua/static/img/_/v/ 11 KB
11 KB 25ms
23ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/v/_viyskoviy_osin_avtomat_gettyimages_1244197193_3_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df213de7df4d4c44e6aafb50afd8879eb80193949f2e849ffafa808efb43ed5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37253
content-length: 11331
cf-bgj: h2pri
last-modified: Sat, 11 Feb 2023 16:28:56 GMT
server: cloudflare
etag: "63e7c248-2c43"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B729%2FaG0VDuYTpIuS7Qy21Wsp0l7wf44R1tPzLY7ZRcNzd%2FxOpHNVkKy3Vj1rx1l8OMoNa5WCg%2BEW868FvCxQlI%2F4axcqV%2FulSQcU51JBCAPMyxq%2BR0rzUTfu6QUzV4tWOSYOgdif4A%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256b8d58360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pxl.gif
www.rbc.ua/static/common/imgs/ 807 B
1 KB 20ms
19ms Image
image/gif 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/common/imgs/pxl.gif
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 937721
content-length: 807
server: cloudflare
etag: "600fe01a-327"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XZI1XSWEQcOj6TIR%2Bgp1vXJ26%2BuGzdH62P1fAm5BrVS1ZCi%2BcFnXBGwYBr4A%2BXmaR9SB88F2ZRMva%2FLLziJ7LoivoihBmo%2FGAmAo%2FltXXd2dRY3eXj96CiXqZAKLvvvcU91d8fTfm8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256bad63360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2___2670_100x100.jpg
www.rbc.ua/static/img/2/_/ 3 KB
3 KB 25ms
24ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/2/_/2___2670_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63e304ec909a252c22d5bb42f34d957b49b1b01a3f9d0a39433f0a409999572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941674
content-length: 2907
cf-bgj: h2pri
server: cloudflare
etag: "62f39ca5-b5b"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3MLOgikQk7WVUr9ZjPIrgWaUdJhvS%2Bu6a9hNZNzKX6JOFtVUkKrC%2FuCyrkceXKrpla3cjw9idH1xp%2BSVCW8%2B1xK0kFkBkvcQYh%2Fe9lVzFUNkP8FDv7L5g0BAKjL3qOhsO2Fo923TKc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256bad65360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ____41265_100x100.jpg
www.rbc.ua/static/img/_/_/ 3 KB
3 KB 23ms
23ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/_/____41265_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8766f55aadf54eff459c4fe9f597e6bfeb5624e3bff4f8e0cfbc8fb5f2202567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941620
content-length: 2601
cf-bgj: h2pri
last-modified: Tue, 24 Jan 2023 13:03:49 GMT
server: cloudflare
etag: "63cfd735-a29"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kbNMTW1rjw%2Fa8B0iG3%2BSyysrNW9gAVPDxHyfSoRYKzkgZfpWajFjeKpwNd%2FJVf8JN9%2FvtQiJ4dpLo8lMbZaLL2AsbVlgx2%2FamYjy6I%2F%2BsupzWVJKjZF3KdZUE6PiHUZfmb3NT7vp9k%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000, s-maxage=10
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256bbd66360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 200h200_profile_uriel__2_5_100x100.jpg
www.rbc.ua/static/img/2/0/ 3 KB
3 KB 22ms
21ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/2/0/200h200_profile_uriel__2_5_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911e0866d5183467fbc02fcc822a82fe09803286174cda8772a578da965dff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941674
content-length: 2768
cf-bgj: h2pri
server: cloudflare
etag: "6374cfa6-ad0"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcHf4C5iI3Vrg7sYCJ5LRyzg0EeAoCxbb3ZSj7YwrXO1zmMMlgBavHn518DRWcIc1Tmt0YHmeB7tP4pjK5vhFFvT8UY9AdP%2BjJqmTPu%2Bl4xu6U6HpED7AJt9F6h2g69%2FMnVAERkiILM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256bbd67360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 authoresse_100x100.jpg
www.rbc.ua/static/img/a/u/ 3 KB
3 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/a/u/authoresse_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 111e8accd85778604951d3929df73b7d62a3cb3ba7881d5a6d3fb5651abce2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941674
content-length: 2970
cf-bgj: h2pri
server: cloudflare
etag: "63a068c3-b9a"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6bMRB%2BTf6Ym%2FTAurRKUq8mVMIbZI50Qbvl72ErHeeh3BwbjjV%2Bkm%2BJcE4iC4Q3MpN0NDWQFgfOy6q6Ci1LCPaDfUNTG310x%2BqvcJjrN8hlNr7vL2ueH3O6WvQuJ%2BHpbEvn61MLmfCY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7982256bbd71360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.js Show response
www.rbc.ua/static/production/ 204 KB
65 KB 29ms
26ms Script
application/javascript 2606:4700:20::681a:22f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rbc.ua/static/production/desktop.js?1.55
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea77bc6a84d2aacdca75f1b41871a46f14d4370fe5dc4d2471f5e086d647184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 208976
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941819
server: cloudflare
etag: W/"627a3194-33050"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoBkjedakpvqpY0r9o56%2FYWMzTqHuI3Qu3kNa2rTg2jJTWirWiaEn0bRxIyu6n43gRNLVDnhgpQ5CUDj1w7eFoZuLROICDgNDWdUZdt5bRgM2%2FM7DjuxJEbH2rarztfLScW0eQzjUxE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7982256bad62360e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 213ms
82ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0e35fc874ebc584a6d3ba217ad3bb5a62ffb225cd16a0c0c5e912fc5ab21baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49620
x-xss-protection: 0
server: cafe
etag: 1848444942638569353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 03:13:03 GMT

GET
DATA 200
OK truncated
/ 610 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 51ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11428483-1&cid=213842210.1676171583&jid=1380867184&gjid=408979089&_gid=1679055918.1676171583&_u=YGDAgEABAAAAAEAAI~&z=1056129769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 23ms
22ms XHR
text/plain 2a00:1450:400c:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=44637140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=895764938&gjid=240188331&cid=213842210.1676171583&tid=UA-11428483-16&_gid=1679055918.1676171583&_r=1&_slc=1&z=331689387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::65 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=44637140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=1747389943&gjid=1707345785&cid=213842210.1676171583&tid=UA-11428483-19&_gid=1679055918.1676171583&_r=1&_slc=1&z=2042952171

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::65 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 19ms
18ms Image
image/gif 2a00:1450:400c:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=44637140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAAAAI~&jid=1380867184&gjid=408979089&cid=213842210.1676171583&tid=UA-11428483-1&_gid=1679055918.1676171583&cd3=business&cd5=2a03%3A1b20%3A6%3Af011%3A%3A5e&cd6=2a03%3A1b20%3A6%3Af011%3A%3A5e&z=45527353

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::65 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 10:21:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60710
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 22ms
19ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11428483-16&cid=213842210.1676171583&jid=895764938&gjid=240188331&_gid=1679055918.1676171583&_u=YGDAAEABAAAAAGAAI~&z=586912307

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 30ms
28ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11428483-19&cid=213842210.1676171583&jid=1747389943&gjid=1707345785&_gid=1679055918.1676171583&_u=YGDAAEABAAAAAGAAI~&z=20849946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 164ms
47ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 487447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:48:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 215ms
101ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 01:58:46 GMT
x-content-type-options: nosniff
age: 263657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 01:58:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 260ms
145ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:02:23 GMT
x-content-type-options: nosniff
age: 112240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 20:02:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 172ms
59ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:23:02 GMT
x-content-type-options: nosniff
age: 474601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 15:23:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 244ms
131ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:47:39 GMT
x-content-type-options: nosniff
age: 113124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 19:47:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 264ms
152ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 10:53:50 GMT
x-content-type-options: nosniff
age: 145153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 10:53:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 230ms
120ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 361398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 22:49:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 264ms
158ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:46:50 GMT
x-content-type-options: nosniff
age: 440773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 00:46:50 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 194ms
72ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11428483-1&cid=213842210.1676171583&jid=1380867184&_u=YGDAgEABAAAAAEAAI~&z=1861911696

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 195ms
74ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11428483-1&cid=213842210.1676171583&jid=1380867184&_u=YGDAgEABAAAAAEAAI~&z=1861911696

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 192ms
71ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11428483-16&cid=213842210.1676171583&jid=895764938&_u=YGDAAEABAAAAAGAAI~&z=824801851

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 195ms
74ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11428483-16&cid=213842210.1676171583&jid=895764938&_u=YGDAAEABAAAAAGAAI~&z=824801851

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 190ms
71ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11428483-19&cid=213842210.1676171583&jid=1747389943&_u=YGDAAEABAAAAAGAAI~&z=1028531891

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 192ms
73ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11428483-19&cid=213842210.1676171583&jid=1747389943&_u=YGDAAEABAAAAAGAAI~&z=1028531891

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 125ms
27ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 63cfbcc612feb4e41d3792c5630e579d89b1292f4095c057f97e40a7901f24ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 15:19:30 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17134
expires: Sun, 12 Feb 2023 15:13:03 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 210ms
81ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498fbae28d4de7c0ed8b5d8ce6545532f874d077e29deb670a8bfa19a84967e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27248
x-xss-protection: 0
server: sffe
etag: "1480 / 308 of 1000 / last-modified: 1676070298"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 Feb 2023 03:13:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302070101/ 362 KB
119 KB 188ms
93ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua&bust=31072373

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc11b397e0f5082835fd8cb9ad4c6cf14e1b4f0e3727cb993c881c6c4a42e6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121790
x-xss-protection: 0
server: cafe
etag: 15476044372935866021
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 03:13:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 6692 10 KB
5 KB 165ms
47ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 15:23:13 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 15:23:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 275 B
390 B 24ms
24ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.rbc.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 470fa91fcb0cfe2528500b2b68314ea45fb8e87b0952dcd2ebaa7e5937e51f11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 275
expires: Tue, 14 Mar 2023 03:13:03 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 9F03 5 KB
3 KB 127ms
26ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 880928b7317600870d543d05557488aa74f775ef0ffb39a469b094624ec289d8

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:13:03 GMT
etag: PRIVATE7520710249
expires: Tue, 14 Mar 2023 03:13:03 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 pubads_impl_2023020701.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 177ms
47ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa19ab413493b004c5957325db711ffde124c52cb5007049f1331dd1302bc774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133135
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 10 Feb 2024 15:38:34 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 264 B
666 B 198ms
69ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.rbc.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5ea6aa76900136ed243cf3076d034e4753f56b010f20aa5996d089adceab008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124
x-xss-protection: 0
expires: Sun, 12 Feb 2023 03:13:03 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1676171583831/
Redirect Chain

https://gaua.hit.gemius.pl/_1676171583831/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc....
https://gaua.hit.gemius.pl/__/_1676171583831/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.r...

169 B
427 B

90ms
89ms

Script
application/x-javascript

51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1676171583831/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hOOAb1Z4lZUe.c1PAFhd.1QT45bontvV68av57SrZHH.27gJYSnSDcMOICFCBJzs0.h.nq3s5DzhvJCSe9ZmCsShpJeG/KAMHHaDr0fgWS/&fpdata=J2B6dALwnkr6FnVZxCxBjS72yHiqmtFcYqt8gMHGbZf.l7&ltime=165&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63e8593f2799b343&brts=1676171583&fpcap=
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 79aa7b0871292c624f83bd5eccaa620df469a2607b14c341e4ad35a7e9934303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Sat, 11 Feb 2023 03:13:03 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1676171583831/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hOOAb1Z4lZUe.c1PAFhd.1QT45bontvV68av57SrZHH.27gJYSnSDcMOICFCBJzs0.h.nq3s5DzhvJCSe9ZmCsShpJeG/KAMHHaDr0fgWS/&fpdata=J2B6dALwnkr6FnVZxCxBjS72yHiqmtFcYqt8gMHGbZf.l7&ltime=165&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63e8593f2799b343&brts=1676171583&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 11 Feb 2023 03:13:03 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
598 B 221ms
69ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.rbc.ua&callback=_gfp_s_&client=ca-pub-3325851766052018

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3325851766052018&plah=www.rbc.ua&bust=31072373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2ba80bb9100d90b26dd3d622f20b2f8a68173c8bc2c69984ce64175396eb9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 254ms
69ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.rbc.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 209ms
79ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rbc.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.rbc.ua%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B5F2 0
188 B 100ms
99ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3325851766052018&output=html&adk=1812271804&adf=3025194257&lmt=1676171583&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rbc.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676171583586&bpp=3&bdt=332&idt=307&shv=r20230207&mjsv=m202302070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3043216034998&frm=20&pv=2&ga_vid=213842210.1676171583&ga_sid=1676171584&ga_hid=44637140&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072259%2C31072373&oid=2&pvsid=3711110687032928&tmod=1617384209&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:13:03 GMT
expires: Sun, 12 Feb 2023 03:13:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 350ms
350ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3711110687032928&correlator=3341259307360235&eid=31072038&output=ldjh&gdfp_req=1&vrg=2023020701&ptt=17&impl=fifs&iu_parts=67465299%2CRBC_main_pages_premium_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3409417865&sfv=1-0-40&cust_params=site_variables%3Drus%252Cwwwsite&sc=1&cookie=ID%3De8fab8d53ede2874-223ba1070cdb004b%3AT%3D1676171584%3ART%3D1676171584%3AS%3DALNI_Mbsd8OZ2SssBSsOne7xFKFWirWwNg&gpic=UID%3D00000bb3dcc3c34d%3AT%3D1676171584%3ART%3D1676171584%3AS%3DALNI_Ma3N1-uDgvw_rnXdkw1fGVQnwtWSQ&abxe=1&dt=1676171584162&lmt=1676171584&dlt=1676171583254&idt=882&adxs=1150&adys=557&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.rbc.ua%2F&frm=20&vis=1&psz=300x2383&msz=300x-1&fws=0&ohw=0&ga_vid=213842210.1676171583&ga_sid=1676171584&ga_hid=44637140&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a089edcbfe88652d786c58e47892f72ecb3ae913cc1767763e7ce3113a48a919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8916
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E85D 6 KB
3 KB 264ms
80ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:13:04 GMT
expires: Mon, 12 Feb 2024 03:13:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
81ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d9eefe86c6c9c14846ce4b3307ecf807d0b059893c7daac13bee54cf9f2308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11192
x-xss-protection: 0

GET
H2 200 container.html Show response
6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89DE 6 KB
3 KB 73ms
42ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:13:04 GMT
expires: Mon, 12 Feb 2024 03:13:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 248ms
115ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 03:13:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4EAF 624 B
242 B 73ms
72ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWiscX0GUgrmEfR0QF9K92pRZ5DSquMa_TNrDB7QJ6VE_8uuIVSmDxigJ02lRq9S06TBLSpy0BMbvGfHz3d7HB3tyQA0M8zlxep_UQsrTmdHeOmv1tpyFF-N5BPqFWVYszNXUtu63Ys33mTtV5R3P4ngexciHqCnl1eFoaXJwwCBDvWZY8

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:13:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 89DE 78 KB
27 KB 82ms
81ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 03:13:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89DE 42 B
63 B 81ms
79ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEdRLBUoSoQ1gO1oN_LMbLGxtyWyStB46wI3I6NcxoHH3x9CdMMgf7vmGmuC607hJHXPZTRorltJ9Fw04VgiFKc-x9b86q9Wu5jdRVZFvzJE3tPaA

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89DE 0
20 B 80ms
78ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11860533419592529842&x=1&ct=76

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 89DE 47 KB
13 KB 218ms
32ms Script
application/javascript 34.249.210.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.rbc.ua/
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.210.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-210-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5c3b713a30e0af8135fe7225f880ad7f6ffdec837b9cca15789c6ce9a1a46f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 89DE 3 KB
1 KB 108ms
55ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 89DE 18 KB
8 KB 99ms
48ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 89DE 0
0 72ms
70ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzxHi26qHZ7AsTHLtmGCk_42nYm7Yg2LvJfCKqt-w4MdwZ_BIokiq0FQtpyOwUXHehq0FC1wI87h3KLuFx22kWnjI5Qw
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89DE 156 KB
48 KB 109ms
108ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 03:13:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4EAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWiscX0GUgrmEfR0QF9K92pRZ5DSquMa_TNrDB7QJ6VE_8uuIVSmDxigJ02lRq9S06TBLSpy0BMbvGfHz3d7HB3tyQA0M8zlxep_UQsrTmdHeOmv1tpyFF-N5BPqFWVYszNXUtu63Ys33mTtV5R3P4ngexciHqCnl1eFoaXJwwCBDvWZY8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Feb 2023 03:13:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4EAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.hZQGw7EKPfCCNvlQDBzgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1&google_hm=2

43 B
766 B

19ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWiscX0GUgrmEfR0QF9K92pRZ5DSquMa_TNrDB7QJ6VE_8uuIVSmDxigJ02lRq9S06TBLSpy0BMbvGfHz3d7HB3tyQA0M8zlxep_UQsrTmdHeOmv1tpyFF-N5BPqFWVYszNXUtu63Ys33mTtV5R3P4ngexciHqCnl1eFoaXJwwCBDvWZY8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Feb 2023 03:13:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOV1Ytyk9o-lRmrqLwbgsrc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4EAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL4dDOS-YcrYFYRd7LzTMgk&google_cver=1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL4dDOS-YcrYFYRd7LzTMgk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWiscX0GUgrmEfR0QF9K92pRZ5DSquMa_TNrDB7QJ6VE_8uuIVSmDxigJ02lRq9S06TBLSpy0BMbvGfHz3d7HB3tyQA0M8zlxep_UQsrTmdHeOmv1tpyFF-N5BPqFWVYszNXUtu63Ys33mTtV5R3P4ngexciHqCnl1eFoaXJwwCBDvWZY8

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Feb 2023 03:13:04 GMT
AN-X-Request-Uuid: c4a4c03e-96c8-4fc6-a30c-f8a1cbe439d6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL4dDOS-YcrYFYRd7LzTMgk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4EAF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D

170 B
243 B

84ms
69ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 12 Feb 2023 03:13:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7eac6b54-3b0e-4077-ac2b-2f0412ebe66e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89DE 0
20 B 81ms
80ms Ping
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1812992532159&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89DE 0
20 B 85ms
80ms Ping
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1812992532159&version=m202301230201&ct=76&x=1&cor=11860533419592530000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 89DE 86 KB
35 KB 115ms
113ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CiKx8xBsR5Sh43P3LjrS0tsWC3-_bA2dNWqgl8frm_Bjwc6RDvHW4I5O8oQuGhiIZfVacKa--2GsMgYpmVZTzQUp1mWo4wBV4YBbxIFI-7khwnkZ8HMdMyc4qkItm2EoGykxwWqHjQ6cWrUUhxXk_MUtQp8jaEyOJmrDISl28JdrzpwyI&dbm_d=AKAmf-BJ5M9kqvr9GXjlkpBWe1O2LWjQH3CrdCUCm87MK9G0zA_vMOXqLmSaftejPpcdL-7hcxDk8uhzwzrwm040dH9ll0D5gd4qxOtdKYMQ_EyHdy6OjAUtc2ZR1090qZ4krRnPkqeNVZfUp31ZSZznKV8aFC2hvL_gdqIjwOy2fL8oYrY0N9X_TG5keCbm8cdJdPXdWXvuH1sFrIRPNKIAwB4Of3bJSerGLsIlNDaH4cgHB1k0-hojbhtkjpzBalTHe_cDv3PemOaysRpsYnKaPEMI7TUmmgQdwvSbMhqbxKduya5Ww-FPEfBRK-__qNI4KoPok9TaNG_5ACy5BWoGIkKlZDGsrG0awL6vBDwYRHLP19yobSZ5uvqQzRChWKEtAd1UgRvrsKoca2GpwSC0To6KZUCsghXQUgkVpiFuh1S8XQVhuKyaR-aOUuNtdL9nTuCB8IN0u0c0c8QqA5MnbEBnygkv7BWDywDa-vR-M7kma97e6c9BVVLz-bUX4_UxwPN6ch6A1o2P62xKAFOtLz7m3Hm4ftR_ILjj-8Xmwky9ePBdr95mtJZF8cfbqphLw1jVL_ah2vVEcEc0rlGTLhF1pYnRbw5_GhCPnrG_CaayN6JaxdX0P-mGVh5gVIC9cDi6zdefdmCF2levIBjqVGquqXq9Em7ohKYVohz5K-N6-ayluw4pnaL7GNoo7ZYbzTqZq-QHqk4c5gc1NynxtiL04r-bcLmL7us8LlCLsNK4SxsngCN4NDKA9_1IRg8xVbBjQBxlEtGEy9PTdrrmmyzZ4mNsVMQFOuy9RTYMOL4B0jU7pYtCthI_0qx3c3_gRPahVLDCySKr2_5k7t6N5sLM9Em5cS79RrU-seUKZTnOE226woj1asvNKPCQHJVXFDzYRgtqEKLvLd6fJzmiPM5gJpDGLZ3QwnTjvTMBgc7hWnoCkThLKeCJoJrqrBkvbS1w5Jn1R2-Ux25YEDKF6PnUtRDoaBFmTN_A4i3ngO8K749vci149mv-iou90SzLfUy882fqLQ6td9AiMUD5fYiSwuN_fiVEWVz06psx88Xq-fN9AQI1qRsBZx2fbD1xtsJyVK0MDFqhUldCJ-1WaRQdTCdDzb6vWIRscA2GG6CSYUOrP2zjSR8RYwNqCG2z5uyBj842X6wwbp_uy6rdAmvVl3LG-QC6s1VBoOoGvptRJtauBo6w1IQmQovXQ0dqfQkgg8TIKzGPQLK6TyKde9gPzlAQ__I7J23RKZQQzyrKFVvSkh_rV0t7ozCuCbDyunsh-4r9YcCBBtLzvzTA6rG7jT2I7TMryAtLaNMqpl97riES48WRVtknkCJY8PCm0vcU467vfKGzr1HHZrPQAGqW5AWbl21Q4Sld_-QkowfMipLQB9s8prfIYI0_VedPgT774LAhE8kReTLEGlCGrULPRHk8LauzIZyqhTohwaX1aD3ZTDP6mIxDQ7B9ZDqxbre0z8sKGylZJFrR0kAJo3_dL05dX7M0KcvKDTJ5FWKElYrtkcd6mU_rPSKqXjypp9yXeqMPYQBAbLNWb4QfYwVG9F_Y5iyIICOXDjpKETykJJ7IcETU_GjMqagxb99s9jsX7Dyn8vVwAJsqBThPnoXUt1gDZDArbnD7CUvl1fyE7fMMgK0NLsUS9_CUUljKK7ryzOOYPW2mJHY5QPe95bdKj9Yxsnjlx8Pm_9Mqe2-oKU15SbyJDaRlKqIOJ7_Xh305OOICUgm3AgUkkkzJNDaPLpvWiIJxNibtmzDPispy0vtCNLfpADhQvRqxLu8fJS8rNm-Z1wNGzmbUIdUFXfBhGXTDSQBrFSM6WMl-Qz2SWYeCqRNVD7WDEokf1fgx8wfS15GcflIULZloRW77Cunjljacv4NvxR_P_O4kuNTez3ptaZ8_ChI9kxLLYEOndYqA7nvz3QOVnB4EaTI3WxCJNklAMXp2DNnnb620VZQC9K79uatXo4vwV1uZOL3d7oNripwXEpnmsgeEN3iWQjhBrvDkegJ18eWD26A85E_OAicgDk4MlT5pjvtzDgvLgvCSdyJYaM0UGmn1SGre2w8lWzgg7ALxctvqduW4Z46RQpH4o_tfcmyI0vkBRwhxY1EaezVZp5asyM4za5g8SCmxKJukeNPNs0tU3T0USARRHxx76WDeCDVmugTGcpgH-NTa996Yu8fnBgVJh1_Fex56CbfgkGZum77lL3mAT9AGE-pzI3164ALm2ojk8ReK9Y_b3glM8Nwc4m1QhH5LbJXsAQXRUVOF3ZbgEKSMWwdO-D85Yeva7o1_ZttAXHt0dD2D0qb9kwBazhPBU74Ssrc3phAC-jGT3yUEXvo_yDsBmE2VeABGSVvsxu2dQKKMdjMJVOPQUwpIJwMG3XRC_OwWkGvoHYIxRXt5wwgrDdjERpm0VxlNjqud4frVyRvYN_sSkVROm7PLmhbOB0J-J85NI9xg-JJpTKnrAAaFPyWHRsA9Na06XlZmd7DTq1a70aq1S4sKwMQqdkNd3POP-q5h7U9vaDGO29qKYkU4QrYnH8l7CE8ombBY92p8wX4yIzLKbgpnCQ8kv1bqoMnnWts42J60EaDkgnefWQqvbmIQQTVa1G7LEyHZ7jvtop-36I9WvZ6qkjBrxowbrxCloKtiQtOMRZo5dOLmy1_XiwzbLKiGY7UJLg9kz8KcZIP85CTD8EM381LC-nGDoQo1y_htaVnePJky6lA0yzUUJflBdObDWsgATZKLl9-d9Vn16toEOR_08jz1NTDy4hjwoleULUXP_B8C3QVukl16nyribVRI4NJIqT2mRBk5FYt4F-uxzcwFCANAYPCSM0U0aWcR8ufxbMJojdRzwwg0q8m3bKi9b2t_ylj_u9uB5bsSc6zxW24-Sk85teyU0w1PrK9cXhkl-3aRKXR6g-khXXCQf6Nx9kE5GKQ5xiMJDwEk2ziSKLa4eDQ8raUjjEAn009mjxR8Wy2eYwhQkErCu8riZkxi7yHP6iPDBKXhNFVQBe7nQuceQOlWrXu6EHPQP0KlesInucUbr9_JVXP_VS1hN9b9xSBIhVguLLcB7KZyNDZIlZAj1Dpqajk66TBELEqB7CaoAJKeze-5_x3uosUnCGhwMGiy6q3CfRyI3e329aJVEKHR6gt5LmsdffKonqqZ4HnQnb4w1AI9n8418vXJVEOQZKzhfQccTe7q7AZCtgHe8PI6u2ZiVdl3nVc5EZ4DWbvQEzEfkrNhogQjJAlWspJsaD64f0VOCBABcByXAt5G11s4jsFKnargCXGL7fGrvmg167SV_voOhYVX4ThSylsVTIgc5DVfY12QmFD4hJw8EKXFNtu3bzQaqBHYu38VRnL9LWCHktUUTjwyR63VySu6Bq8yX_Z1PMnYeSUYFtqYIJpcvRIrgMVwFG1drHTo6Bsj6UEqZHhb-EVXT38k2m84Qg6ULEihXnd0czqyrE1Kus802TjDPmnQRVub_Sy4ftH-dLilPdmHkRSpG_488ADLzTRYYfIbfuTIidwPPYriWN7Z1kdEMwA9zOiiMeRmjimWImjD8_ZH7E6k9Ac8pAUNg1YzLDrq6FGpMJhBhQevB7EUj1xO5hAICGjh2-Gmmt7HoBt1TYNGdqtUtYKHclJhJb_ObNfcG9t6A0mVIWHSN6SBLhhuozTTUOs2_sHEBnc9vvcgr-iAWnEKPofFAOrB-A6sehzdUmlAbfv74ozi03xgwY744mmTnU11tuiafR8qazW_9d_IAXR25rTPjgaMsXvCrCDpRFwA0xNYkPopv2Nq9H3RyJJdMMKF033WUo9CBoB4gl3AtgMsZ1bR0jBjBVCW6maKlbRpsqBcd6kTlEU9ngkHzmHiDijEImT_T9XcWOchDl51zt_egb8iPzedrNSRDblnEZ9z5NZxDgqqt8402CWW4AeUJgSDV4Du2rnpil7G39da7taeqqXG8htyBfnsQM33pKny21WF6LNd_Gh_&cid=CAQSPADUE5ymDLPF2b8IOMg6_eCf1dUbdexUdi4HhnqB5oITloX4zbqHSbK5Za2b_Eut0vyKuexhgQAhkPlHuBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.rbc.ua%2F&ds=l&xdt=1&iif=1&cor=11860533419592530000&adk=1964084972&idt=88&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad572029e495c4235b2bc29405f574f45e4f77c60b76ae7f4ae414baff6b662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A96 13 KB
5 KB 57ms
49ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2EA9 783 B
532 B 80ms
73ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b267371f035aa652ececbba65e4b01295c3e476c6b76843c246bf977c3dd10a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ciaqnKo-1JgLeXFgJIAwgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-ciaqnKo-1JgLeXFgJIAwgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:13:04 GMT
expires: Sun, 12 Feb 2023 03:13:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 89DE 170 KB
59 KB 225ms
47ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
Origin: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 17:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 17:08:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/ Frame 89DE 8 KB
3 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CiKx8xBsR5Sh43P3LjrS0tsWC3-_bA2dNWqgl8frm_Bjwc6RDvHW4I5O8oQuGhiIZfVacKa--2GsMgYpmVZTzQUp1mWo4wBV4YBbxIFI-7khwnkZ8HMdMyc4qkItm2EoGykxwWqHjQ6cWrUUhxXk_MUtQp8jaEyOJmrDISl28JdrzpwyI&dbm_d=AKAmf-BJ5M9kqvr9GXjlkpBWe1O2LWjQH3CrdCUCm87MK9G0zA_vMOXqLmSaftejPpcdL-7hcxDk8uhzwzrwm040dH9ll0D5gd4qxOtdKYMQ_EyHdy6OjAUtc2ZR1090qZ4krRnPkqeNVZfUp31ZSZznKV8aFC2hvL_gdqIjwOy2fL8oYrY0N9X_TG5keCbm8cdJdPXdWXvuH1sFrIRPNKIAwB4Of3bJSerGLsIlNDaH4cgHB1k0-hojbhtkjpzBalTHe_cDv3PemOaysRpsYnKaPEMI7TUmmgQdwvSbMhqbxKduya5Ww-FPEfBRK-__qNI4KoPok9TaNG_5ACy5BWoGIkKlZDGsrG0awL6vBDwYRHLP19yobSZ5uvqQzRChWKEtAd1UgRvrsKoca2GpwSC0To6KZUCsghXQUgkVpiFuh1S8XQVhuKyaR-aOUuNtdL9nTuCB8IN0u0c0c8QqA5MnbEBnygkv7BWDywDa-vR-M7kma97e6c9BVVLz-bUX4_UxwPN6ch6A1o2P62xKAFOtLz7m3Hm4ftR_ILjj-8Xmwky9ePBdr95mtJZF8cfbqphLw1jVL_ah2vVEcEc0rlGTLhF1pYnRbw5_GhCPnrG_CaayN6JaxdX0P-mGVh5gVIC9cDi6zdefdmCF2levIBjqVGquqXq9Em7ohKYVohz5K-N6-ayluw4pnaL7GNoo7ZYbzTqZq-QHqk4c5gc1NynxtiL04r-bcLmL7us8LlCLsNK4SxsngCN4NDKA9_1IRg8xVbBjQBxlEtGEy9PTdrrmmyzZ4mNsVMQFOuy9RTYMOL4B0jU7pYtCthI_0qx3c3_gRPahVLDCySKr2_5k7t6N5sLM9Em5cS79RrU-seUKZTnOE226woj1asvNKPCQHJVXFDzYRgtqEKLvLd6fJzmiPM5gJpDGLZ3QwnTjvTMBgc7hWnoCkThLKeCJoJrqrBkvbS1w5Jn1R2-Ux25YEDKF6PnUtRDoaBFmTN_A4i3ngO8K749vci149mv-iou90SzLfUy882fqLQ6td9AiMUD5fYiSwuN_fiVEWVz06psx88Xq-fN9AQI1qRsBZx2fbD1xtsJyVK0MDFqhUldCJ-1WaRQdTCdDzb6vWIRscA2GG6CSYUOrP2zjSR8RYwNqCG2z5uyBj842X6wwbp_uy6rdAmvVl3LG-QC6s1VBoOoGvptRJtauBo6w1IQmQovXQ0dqfQkgg8TIKzGPQLK6TyKde9gPzlAQ__I7J23RKZQQzyrKFVvSkh_rV0t7ozCuCbDyunsh-4r9YcCBBtLzvzTA6rG7jT2I7TMryAtLaNMqpl97riES48WRVtknkCJY8PCm0vcU467vfKGzr1HHZrPQAGqW5AWbl21Q4Sld_-QkowfMipLQB9s8prfIYI0_VedPgT774LAhE8kReTLEGlCGrULPRHk8LauzIZyqhTohwaX1aD3ZTDP6mIxDQ7B9ZDqxbre0z8sKGylZJFrR0kAJo3_dL05dX7M0KcvKDTJ5FWKElYrtkcd6mU_rPSKqXjypp9yXeqMPYQBAbLNWb4QfYwVG9F_Y5iyIICOXDjpKETykJJ7IcETU_GjMqagxb99s9jsX7Dyn8vVwAJsqBThPnoXUt1gDZDArbnD7CUvl1fyE7fMMgK0NLsUS9_CUUljKK7ryzOOYPW2mJHY5QPe95bdKj9Yxsnjlx8Pm_9Mqe2-oKU15SbyJDaRlKqIOJ7_Xh305OOICUgm3AgUkkkzJNDaPLpvWiIJxNibtmzDPispy0vtCNLfpADhQvRqxLu8fJS8rNm-Z1wNGzmbUIdUFXfBhGXTDSQBrFSM6WMl-Qz2SWYeCqRNVD7WDEokf1fgx8wfS15GcflIULZloRW77Cunjljacv4NvxR_P_O4kuNTez3ptaZ8_ChI9kxLLYEOndYqA7nvz3QOVnB4EaTI3WxCJNklAMXp2DNnnb620VZQC9K79uatXo4vwV1uZOL3d7oNripwXEpnmsgeEN3iWQjhBrvDkegJ18eWD26A85E_OAicgDk4MlT5pjvtzDgvLgvCSdyJYaM0UGmn1SGre2w8lWzgg7ALxctvqduW4Z46RQpH4o_tfcmyI0vkBRwhxY1EaezVZp5asyM4za5g8SCmxKJukeNPNs0tU3T0USARRHxx76WDeCDVmugTGcpgH-NTa996Yu8fnBgVJh1_Fex56CbfgkGZum77lL3mAT9AGE-pzI3164ALm2ojk8ReK9Y_b3glM8Nwc4m1QhH5LbJXsAQXRUVOF3ZbgEKSMWwdO-D85Yeva7o1_ZttAXHt0dD2D0qb9kwBazhPBU74Ssrc3phAC-jGT3yUEXvo_yDsBmE2VeABGSVvsxu2dQKKMdjMJVOPQUwpIJwMG3XRC_OwWkGvoHYIxRXt5wwgrDdjERpm0VxlNjqud4frVyRvYN_sSkVROm7PLmhbOB0J-J85NI9xg-JJpTKnrAAaFPyWHRsA9Na06XlZmd7DTq1a70aq1S4sKwMQqdkNd3POP-q5h7U9vaDGO29qKYkU4QrYnH8l7CE8ombBY92p8wX4yIzLKbgpnCQ8kv1bqoMnnWts42J60EaDkgnefWQqvbmIQQTVa1G7LEyHZ7jvtop-36I9WvZ6qkjBrxowbrxCloKtiQtOMRZo5dOLmy1_XiwzbLKiGY7UJLg9kz8KcZIP85CTD8EM381LC-nGDoQo1y_htaVnePJky6lA0yzUUJflBdObDWsgATZKLl9-d9Vn16toEOR_08jz1NTDy4hjwoleULUXP_B8C3QVukl16nyribVRI4NJIqT2mRBk5FYt4F-uxzcwFCANAYPCSM0U0aWcR8ufxbMJojdRzwwg0q8m3bKi9b2t_ylj_u9uB5bsSc6zxW24-Sk85teyU0w1PrK9cXhkl-3aRKXR6g-khXXCQf6Nx9kE5GKQ5xiMJDwEk2ziSKLa4eDQ8raUjjEAn009mjxR8Wy2eYwhQkErCu8riZkxi7yHP6iPDBKXhNFVQBe7nQuceQOlWrXu6EHPQP0KlesInucUbr9_JVXP_VS1hN9b9xSBIhVguLLcB7KZyNDZIlZAj1Dpqajk66TBELEqB7CaoAJKeze-5_x3uosUnCGhwMGiy6q3CfRyI3e329aJVEKHR6gt5LmsdffKonqqZ4HnQnb4w1AI9n8418vXJVEOQZKzhfQccTe7q7AZCtgHe8PI6u2ZiVdl3nVc5EZ4DWbvQEzEfkrNhogQjJAlWspJsaD64f0VOCBABcByXAt5G11s4jsFKnargCXGL7fGrvmg167SV_voOhYVX4ThSylsVTIgc5DVfY12QmFD4hJw8EKXFNtu3bzQaqBHYu38VRnL9LWCHktUUTjwyR63VySu6Bq8yX_Z1PMnYeSUYFtqYIJpcvRIrgMVwFG1drHTo6Bsj6UEqZHhb-EVXT38k2m84Qg6ULEihXnd0czqyrE1Kus802TjDPmnQRVub_Sy4ftH-dLilPdmHkRSpG_488ADLzTRYYfIbfuTIidwPPYriWN7Z1kdEMwA9zOiiMeRmjimWImjD8_ZH7E6k9Ac8pAUNg1YzLDrq6FGpMJhBhQevB7EUj1xO5hAICGjh2-Gmmt7HoBt1TYNGdqtUtYKHclJhJb_ObNfcG9t6A0mVIWHSN6SBLhhuozTTUOs2_sHEBnc9vvcgr-iAWnEKPofFAOrB-A6sehzdUmlAbfv74ozi03xgwY744mmTnU11tuiafR8qazW_9d_IAXR25rTPjgaMsXvCrCDpRFwA0xNYkPopv2Nq9H3RyJJdMMKF033WUo9CBoB4gl3AtgMsZ1bR0jBjBVCW6maKlbRpsqBcd6kTlEU9ngkHzmHiDijEImT_T9XcWOchDl51zt_egb8iPzedrNSRDblnEZ9z5NZxDgqqt8402CWW4AeUJgSDV4Du2rnpil7G39da7taeqqXG8htyBfnsQM33pKny21WF6LNd_Gh_&cid=CAQSPADUE5ymDLPF2b8IOMg6_eCf1dUbdexUdi4HhnqB5oITloX4zbqHSbK5Za2b_Eut0vyKuexhgQAhkPlHuBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.rbc.ua%2F&ds=l&xdt=1&iif=1&cor=11860533419592530000&adk=1964084972&idt=88&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:37:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 89DE 29 KB
11 KB 48ms
46ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce3bd0ddc646ca2386b5c7f5337865a617b1f739833ba623b4ee0fbb1dca32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10959
x-xss-protection: 0
server: cafe
etag: 8014804816029865715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:37:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2EA9 0
0 85ms
84ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=3711110687032928&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A96 36 KB
14 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 12:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 12:01:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 89DE 41 KB
15 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 15:37:20 GMT

GET
H2 200 main.19.8.394.js Show response
static.adsafeprotected.com/ Frame 89DE 200 KB
63 KB 142ms
3ms Script
application/javascript 2600:9000:223f:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.394.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a37a4e2f1464a5f82bafc1aea9bc92be25447be734467ecdbd5e1874e22551b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 16:21:45 GMT
x-amz-version-id: _dZBOGo6WbGPtb685W__WVIjRkb5PQgb
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 125481
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Feb 2023 22:04:06 GMT
server: AmazonS3
etag: W/"23f65915f6ceb35c339633ede270d26c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wp7vngr826tgT1_C05RPsXgsyG9m8LYzBKyLUQQWYT8ylxnvGnk0cw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 87D1 1 KB
643 B 55ms
54ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 04:54:21 GMT
etag: 48472445140208031
expires: Sun, 12 Feb 2023 04:54:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 89DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93adea7bd4231d016e95318ac2a860ab8cd6d8b67b47af8d9f1c51eba2ae928b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 08F7 22 KB
8 KB 58ms
52ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 129140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:20:45 GMT
expires: Sat, 10 Feb 2024 15:20:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87D1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENnE5agS8kmF6eBbJDFo_3o&google_push=Aa02lx_vsNub1FaoHcVbNpaepSgISgZLTS2IOhiO-Q3xXIqpTBYnAvtJV9...

170 B
188 B

117ms
81ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENnE5agS8kmF6eBbJDFo_3o&google_push=Aa02lx_vsNub1FaoHcVbNpaepSgISgZLTS2IOhiO-Q3xXIqpTBYnAvtJV9k3WpjMAKSXtgPR1mR7u9UXGctAbn9KE2LCE_gtJBQ

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220056-HHN
pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1676171585.264507,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENnE5agS8kmF6eBbJDFo_3o&google_push=Aa02lx_vsNub1FaoHcVbNpaepSgISgZLTS2IOhiO-Q3xXIqpTBYnAvtJV9k3WpjMAKSXtgPR1mR7u9UXGctAbn9KE2LCE_gtJBQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87D1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEP40CBMOL9BiSTB362OMATM&google_cver=1&google_push=Aa02lx-D3ntm6x_LtxBCJ_tm670uNxiA6RPou6EIe4AoFOr_AY-OoLjZN9UHLlGuV_nuR46M9IyWUvT-kPCbF7u1qs14IopHgA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D9493A1258F4C7DB168297D0311B7FC&google_push=Aa02lx-D3ntm6x_LtxBCJ_tm670uNxiA6RPou6EIe4AoFOr_AY-OoLjZN9UHLlGuV_nuR46M9IyWUvT-kPCbF7u...

170 B
188 B

101ms
89ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D9493A1258F4C7DB168297D0311B7FC&google_push=Aa02lx-D3ntm6x_LtxBCJ_tm670uNxiA6RPou6EIe4AoFOr_AY-OoLjZN9UHLlGuV_nuR46M9IyWUvT-kPCbF7u1qs14IopHgA

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 12 Feb 2023 03:13:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D9493A1258F4C7DB168297D0311B7FC&google_push=Aa02lx-D3ntm6x_LtxBCJ_tm670uNxiA6RPou6EIe4AoFOr_AY-OoLjZN9UHLlGuV_nuR46M9IyWUvT-kPCbF7u1qs14IopHgA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 11 Feb 2023 03:13:05 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 87D1 70 B
265 B 153ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB4Ps2I0xlxvHTHuuRIBAYQ&google_cver=1&google_push=Aa02lx9h9bkMA-9eHSBBy_pq1uK8DTehe0PINtKFjm8qbstGSVCcFTlHMcSQ9QuNR1NFCLSkRNFEKkWIi6acJqV5Qmqznio39Ss
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87D1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDl2fDDLKF_wYVCv9kA9DU0&google_cver=1&google_push=Aa02lx8pBtzQRos6yZOKHUtTHaqr6V1aPtMlfeGQ5Sh5YfH8HhXADmnr8zaSgGkdcSNEdysYHBe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEUwVEE4SjUtMVktOTNUVw==&google_push=Aa02lx8pBtzQRos6yZOKHUtTHaqr6V1aPtMlfeGQ5Sh5YfH8HhXADmnr8zaSgGkdcSNEdysYHBeUd3hxQqMVNJPp0O_0j52SoWY

170 B
188 B

99ms
96ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEUwVEE4SjUtMVktOTNUVw==&google_push=Aa02lx8pBtzQRos6yZOKHUtTHaqr6V1aPtMlfeGQ5Sh5YfH8HhXADmnr8zaSgGkdcSNEdysYHBeUd3hxQqMVNJPp0O_0j52SoWY

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEUwVEE4SjUtMVktOTNUVw==&google_push=Aa02lx8pBtzQRos6yZOKHUtTHaqr6V1aPtMlfeGQ5Sh5YfH8HhXADmnr8zaSgGkdcSNEdysYHBeUd3hxQqMVNJPp0O_0j52SoWY
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87D1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJDGNWQLlvynH-ReC9omuNQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJDGNWQLlvynH-ReC9omuNQ&google_hm=Y-hZQGw7EKPfCCNvlQDBzgAADUIAAAAB&google_nid=index&google_push=Aa02lx8sxJK5jw3t9-x6TmN_m17UwTGxznJJF...

170 B
188 B

112ms
100ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJDGNWQLlvynH-ReC9omuNQ&google_hm=Y-hZQGw7EKPfCCNvlQDBzgAADUIAAAAB&google_nid=index&google_push=Aa02lx8sxJK5jw3t9-x6TmN_m17UwTGxznJJF6xwbGIjDlUK0-LAim9sebGFrVydQ8r1a7kXvSLObFpswgnV05QgZy6cjjvFvA

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=segyj1Sm%2B7zF6HlyOFbe1dzYjJVI1Kc%2FzYu%2FfW0uq9gYfL5nmF16ZgL5NQ9A7%2BrG43inlUM1WEW4w5NwzH3QBQCU2QDmI%2BeTggw2FptGpCjUVW%2BHDTHcfnECxVQewowlOidSwiL%2FUDlvHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJDGNWQLlvynH-ReC9omuNQ&google_hm=Y-hZQGw7EKPfCCNvlQDBzgAADUIAAAAB&google_nid=index&google_push=Aa02lx8sxJK5jw3t9-x6TmN_m17UwTGxznJJF6xwbGIjDlUK0-LAim9sebGFrVydQ8r1a7kXvSLObFpswgnV05QgZy6cjjvFvA
cache-control: no-cache
cf-ray: 79822577794c3618-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 87D1
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECPckpwF1SC0SCgma38HaSI&google_cver=1&google_push=Aa02lx9CX9RUDe58wKeZwCY4Xn5n5ls88J1dheahEnH0I_6bZVoblaGPOY6UuFaqtQ1Rv4FZlqRJLPUiH15...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9CX9RUDe58wKeZwCY4Xn5n5ls88J1dheahEnH0I_6bZVoblaGPOY6UuFaqtQ1Rv4FZlqRJLPUiH156ZEtryPEtEMeY2Xn8
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

47ms
24ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87D1
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOCoUp9qtKLuK5ATC6R114g&google_cver=1&google_push=Aa02lx_y7VF4MlZZt...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D&google_gid=CAESEOCoUp9qtKLuK5ATC6R114g&google_cver=1&google_push=Aa02lx_y7VF4MlZZtKjx3Q4etL83UnBlie...

170 B
188 B

110ms
98ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D&google_gid=CAESEOCoUp9qtKLuK5ATC6R114g&google_cver=1&google_push=Aa02lx_y7VF4MlZZtKjx3Q4etL83UnBliel2Y8H2h2O-bTq-n2ADuHVGys-5Eo5-90a7h9YAnqV8gJ62xNbut2WxfXRqUY4TOLAU

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 12 Feb 2023 03:13:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 31190107-e458-48f5-a8e2-531fc24e6708
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU2NjUxNjU0OTA1ODE3Mzc3Mg%3D%3D&google_gid=CAESEOCoUp9qtKLuK5ATC6R114g&google_cver=1&google_push=Aa02lx_y7VF4MlZZtKjx3Q4etL83UnBliel2Y8H2h2O-bTq-n2ADuHVGys-5Eo5-90a7h9YAnqV8gJ62xNbut2WxfXRqUY4TOLAU
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 87D1 0
59 B 77ms
69ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JisAMGWce9eAxSvbaCLKA6ca1Xol72USHYf1nO1PaJNSIm0e-Q1Dt4m53IVhRNtXd5OO6rjGA

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6AB3 91 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:223f:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12397009
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: RTFTvRasXHIYMUd06pD_LGN5inqoAB9mPDiAI62TlE9DeWIFRhdLVQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 89DE 43 B
215 B 36ms
35ms Image
image/gif 34.249.210.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.rbc.ua/&adsafe_url=https%3A%2F%2Fwww.rbc.ua&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.rbc.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:96c215f5-a90d-372b-4281-2dcc05170b55,c:3YmGuU,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-9b95d8d8f-nktsf,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:231,mot:0,app:0,maw:0,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:264,oid:2a79b3c5-aa83-11ed-b06d-eaa3b7750450,v:19.8.394,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.210.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-210-67.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
216 B 813ms
81ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGvB,pingTime:-3,time:306,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:263%7D,%7Bpiv:0,vs:o,r:l,t:305%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:306,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265%7D&br=c
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 812ms
83ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGvD,pingTime:-6,time:308,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:308,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265%7D&tpiLookup=ao:www.rbc.ua*&br=c
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18371140143323373724/ Frame 20C5 1 KB
768 B 676ms
101ms Document
text/html 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d163a81a60a4f29628f72060ad0fd3749411ea1c24d35a3c7a63d65ec356d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 740
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:13:05 GMT
expires: Mon, 12 Feb 2024 03:13:05 GMT
last-modified: Tue, 25 Oct 2022 17:09:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 89DE 0
0 762ms
66ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQekUYg8MFe_zOnDBmonlsWqHu6gm4l3PvxVLgCLmTrJVkr3eH_iPpdsGvTKGM5XaJw_9oBBaTQtMW4C1jbHB0S0qv1m6B9VZU29Ca04TAtZauSDj3ZpOh52POGfNtcfq4Nc-7prdIy8Hb5wev7yrBENiQy1WkoRg2Zf1Tup5d35LIc7gb9nGt-xp7NdmZAPFd0QHPnkcngArfRP7tLT-LV0aCZJrgGuJMKsfphJeA1WhPjz9A1ZTNKKeIfQDMiUbUHu1OFNh0XHEpzCtJ6RrsHzAdH97u_XYtYRQt_nzvgnuzCJYAb4P0TgNHg02bGk3PYQf5ha1xH1Hi0jimz8V2typpiyOW34eZGN4cjbYF4qVgsh0NO1b5wuuydlWufJMxOnehjN3i484TZUjuTkVRLTi4C9xwVKpZxCPaPzWeNEmPp5OffPfW3dotV0m_iL3sNBSbaYNQ2UObALpEXizHS9sg6fZUBPX3B-MjBPqlM1zo7g3ZgbSalFVNk-0amcuHZaC4bjgaSzobuXKoWjK07H4-PUVbHJIs-3ExckcB38Jay2gHem87jHCX0FCH15KyKOBGCXAKCoH70LTh32cRadRHCYACxhvYw7yuPLisz-dBsho7-2Z51_cs3Sm3zUl8ZqS-GCU5uag6obSe_nMsHAy1DWc5bPPWf6XmRufgQkbAQgISo3QJpUDFaQ-fzkGpXbPie7QQuM_OgmOfCTnu-UhYkIqX7CzKU6Ci76-ciBJqmbJ91hSRYnK0tn2NFc34GsCufkxgeoWIP99NF0alRRhCMU8IQCpt8ctfsTiok5MELFMNQSxT1fWGepfsLpkl_B4MSLSvDlQiGu8HQg5A7N_yQrC5Ox24Aad20iKlLXTKffEQxTiHeiexnYUZ7c0TbRGetfMFG61DwbPPGOZyEP92fy-UQsy-K3mvzpaWP3VFbEEi9rGdgLUWTp2aCm0-QEjMcZcExr9_r0n0_Z5AVBWJ0kZHxNRTjwY1hYA5wtK1ePFk86DHk_Ra1wiERWE065NhZIj8NVJ9QSM0sT3W1KNF-JOnII3Ji9BZpkZR4H77ElAu_UXylBAyf60rsHTl1sJK_AQ9gOW2-BomBGGs3LIgkqarHwGEwkR5msHsnxm85iMhXBBYiCfvQ3zbK57SvGouuuPyQtA7eGkoO7gt-NKRhcSA2tQSIZ2lSP8E5GPdHOsZMuZx41TMCvKniWdeiSQRf8P66Jv9UevpODeqRqBfSDB9TSGSWz8tVLAolX26hF7aPeGQQX8w2KJI7kbVBck7fP0GOCoJRU33or_m54NC22RWcUzy8jMuqw7w&sai=AMfl-YQC5BhCnhTR4kRwuNvdklHQkLxBYvZaoVI52-xPs0E7alRWJHXYFC9Y2E8XU07KbHy1LAiQteS-3S35_ISVNCeb9-Jlk2hrtJPyKxg2AIj1kKVGuk3bMSHT0f5C9Y4f-wWBmxanyKca2StaTh-LeWJqK6NiLzQ80P0pqItayZyVLD7tv6VcVh6yhWLxoUAvQ3o1stxf2XXetw-KdtQK9XE-oKgfk8MhpEphvSgdSnBxsWlPE8ITO904czgG_U8uOi6mxzo&sig=Cg0ArKJSzPQFAIFUQr4DEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=404&cbvp=1&cstd=390&cisv=r20230207.39902&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 12 Feb 2023 03:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Feb 2023 03:13:06 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 89DE 43 B
1 KB 655ms
24ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=180660497&extPm=322763903&gdpr_consent=&gdpr=

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 12 Feb 2023 03:13:05 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 12 Feb 2023 03:13:06 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 764ms
82ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGwo,pingTime:0,time:355,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:263%7D,%7Bpiv:0,vs:o,r:l,t:305%7D,%7Bpiv:100,vs:i,r:,t:355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:355,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D,%7Bsl:i,t:355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265%7D&br=c
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 08F7 36 KB
14 KB 105ms
53ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 12:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 12:01:02 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 798ms
123ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGwy,pingTime:-2,time:365,type:a,im:%7Bpom:1,prf:%7BbeA:432,beZ:433,mfA:663,cmA:666,inA:666,inZ:673,prA:673,prZ:687,si:696,poA:697,poZ:717,cmZ:717,mfZ:717,loA:740,loZ:745,ltA:797,ltZ:797,mdA:434,mdZ:602%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:263%7D,%7Bpiv:0,vs:o,r:l,t:305%7D,%7Bpiv:100,vs:i,r:,t:355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:10,o:355,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D,%7Bsl:i,t:355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B10~100%5D,as:%5B10~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265,sinceFw:100,readyFired:true%7D&br=c
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6A96 0
10 B 105ms
58ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qq54TA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 409ms
84ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGCd,pingTime:-10,time:716,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS43NyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1676171585689%7C%7C2191f5acb100f53523efa9b37502bcaf%7C%7Cab5c22841446b8290841bdac13eccace%7C%7C5020b61850af418d476ab3cfa65c6029%7C%7C6368d6c40714ea21819dc6e6e2727a30%7C%7Ca2cd5340927defe5973b70febe1e326f%7C%7Cefb58b4d1533f68c6bb574e0f2294dc9%7C%7C6ead77e923f6468befc1598b1b71d402%7C%7C1663701684%7D
Requested by: Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08F7 0
20 B 86ms
86ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-oL8QFnoY4-FMOrJ7_UP0O-mqAQAAAAAOAHgBAI&bg=!m5ilmMzNAAaq5O5FiuQ7ADkAdvg8Wm4x74miiUI3MocmcSFQToZ8JXkQTJYLkJZgYsZvcsi35__ijw4U90l--p9uvlaUa_nGw74CAAAA9FIAAAAFaAEHCgA-2PaXaNF12gztLy_HIQsf2a6mOI8rpmj2Gy_imfQHbDzccJV_Tdoucdmsq9kYng5udaLqxlrEwrRC6jXwU9KZAuJXYbkOLs9EadobhNSwEJndKZ8m-kxvFWuBVap6TjELdeMZ6P4-zHKKmuQdqTZKHn1xwORmLwwu5-NDlHMCGAW94JL9abAR_rVNsgZmN-zvbUeCJ0xB093PmuaPU09RQhA6yZgFqy_9k4sBVftOYn7vkY8vjNEmNz7lUUEOuo72xgAdfaKuhrRJrGk6AJVVEtQVGe15rgkp-PxqGCpaWFkZDTjezeiWxo9w2LsNI0-H7I6V4QN32SdsmqYodGaHbxYQP2P4fweKBTAyj5uTq9Qzqd8_mUkdyFZHqq7BS9K45rGpnMjiQFn8Qwhpd6hU4yGx0NaE4x-vNQ0r7PsuvRjFk7HYdSPAVP23i3ifHIe7vKDuu3_YCf70i2r1dY20n4M-USF-KS_wldV30qe9XsTNiSmbnzT3svW0P2MXKTWg7Cm46vWkijvNbHxJ1tIlrkREtr2FZnog8tOwWCsxMHMcgwQRPOJpsXDyIyfbozFo_fFlSHPupO1G5oyUQaLvEDjEcJHFEhLkCNMQtRnPBFTUlU347GUOXYzGnE_ST-JdrnjXy5OMlMjAWaExqhfvsBDDJl2qdiSzqZKw5kLAw4RvLFJFrXgkRjwbo8B6QRSq0qdzk3HEZRL19Agu8PDxFnWR5IviWPqgrNW2AKBELyGy_1IkN-odsRcc90dZ1gDlHk8vEwEbvkcuZdEigg4oGPYP7NDDZ3dQY5__9HEgNbcgSbDhz6h4lfYQBWj0d8lskALdHT3dZNOnPQBv1BJY1Vw49r72y_f6m0XgB4vrR-VWSz8MzAJOITPdABzH8BwM-elCr8Ia5SCcbjjzs1lWracycq5qNBkq4Zws2s_0ZV5F35CxEJX6PFhbswmOmIfSK647RPd0FiwWEuv-xBZfojneG4Ovm0jkKBId90-1BI0glRUG6_SY8dPQgPciogXqhPWW16TfhKEVGFbih-CWimXDWZfGs-wIIVRUqU9jc6Ds_5w

Requested by

Host: 6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
URL: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 127ms
87ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=3711110687032928&bg=!SkmlSR3NAAaq5O5FiuQ7ADkAdvg8WkNG6ccz6OZpasEbfSPUCUYxf8TxP9FEGosBzUScrERMzeNm34R_ZncQlLYUHgLnvleuB30CAAABLVIAAAAMaAEHmQKf0AT3DBddsgMxXCMbOhwcJB_Bi7WZx2JZMz6o8UoXLDKzw5WjdRNha83WMijIgw79KzYZuwuMyHa-bu7PaYWJAoLecaKOY0RLDcOfTJdP_hqCdzdQdl6W31qh_dD8uEFlAW_E53C4abixg5_M-EfozeQ6zXEcbi6ZaU266nSOBjfWIjb4dugQXZxeeZbVIyKXPBorUiUOiid-SmEnYRsoI2aMcA4uMps7Po_kDWUj-RMlcdLDC5tJSErP41qMEroBoNTqvqwS0mpozG7zSSFNi51tGvBHsqO21mbMw2Q0NAiDH_ZlM0E2q-nXJBKc3tlhi3nX7wevPAUqGyxD2tSCfWBnd44QyQNyeAXTYfAUgoMWA2ndu4Ff1eY92ZTY8BeUcvG7nsNMvV09qRDhouDtvTgm4SK3unTkRAw_RfetCX9RlF4mc6qo5ijJc6jUgzL4fD1RtfsVgC1Y6yVvfXlieuBPrbd99u2MxQDwmz82i5MPHzqpadaIl6WbKoyGm_o9YFWI4edR0kft7qrBgsIvRDJW83GyxsQVUHCzPnggGaMk_78kH2ms8ThK-uDVRpRXv5adq9fLZKXBFP-mh0inriFu9C1QN08mjC3YFNTkpx6qG56sLwXxGORzbrnEMb03d5xH73WQj_TyD5i2p1hsAl8UvyhMZSrl9MwzLTFvc0ghMybLv_Bt-E3Y7dNt8cGJLZ0C0NY1FXfHSf3LPw7R9aZpb8McMAw_9cY43rGC9BApr6dTh4FhAUuMFlzPRXvJGLd1NRmREQH1KjDM6EzvABo8U92VKLdd66dPV7HR7iisJA0XeCLtOV50yQUnFkxQw_IkWSAKgn6qwelTrDce4fG0CFq85TLdnFhWcAEBlPHOxFYjNASc3UX6PjoSFHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 20C5 113 KB
38 KB 165ms
132ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:13:06 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 20C5 118 KB
40 KB 149ms
116ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 09:35:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 89DE 42 B
64 B 127ms
124ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZbDqWT3pBEHX19kK8bVlQOM8jHP7wyyXgAbHiF4vYUKKKLlcReHz0mCZIEDe-s7DJm4NQzoGvRP0n6Hkn-iAUkOnm_QIBpYnT21jtww5fOjDWk9KIodxJTFFSJE9AT__zHO0M-g&sai=AMfl-YSTtgE_H9iXp1BZ7vT-rnSRRSWJanEslbY0sql4alsg-1bNRQwLoynHDQ2WNJUa37qmPvtmucITiAO0I2O22RGxoi4YJYhz_xL1ylsEOkIG-OLxFTG5TJKZka2g&sig=Cg0ArKJSzMsfSmE_TNhkEAE&cid=CAQSPADUE5ymDLPF2b8IOMg6_eCf1dUbdexUdi4HhnqB5oITloX4zbqHSbK5Za2b_Eut0vyKuexhgQAhkPlHuBgB&id=lidar2&mcvt=1000&p=557,1150,807,1450&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3409417865&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676171584541&rpt=485&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 89DE 0
0 109ms
86ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQekUYg8MFe_zOnDBmonlsWqHu6gm4l3PvxVLgCLmTrJVkr3eH_iPpdsGvTKGM5XaJw_9oBBaTQtMW4C1jbHB0S0qv1m6B9VZU29Ca04TAtZauSDj3ZpOh52POGfNtcfq4Nc-7prdIy8Hb5wev7yrBENiQy1WkoRg2Zf1Tup5d35LIc7gb9nGt-xp7NdmZAPFd0QHPnkcngArfRP7tLT-LV0aCZJrgGuJMKsfphJeA1WhPjz9A1ZTNKKeIfQDMiUbUHu1OFNh0XHEpzCtJ6RrsHzAdH97u_XYtYRQt_nzvgnuzCJYAb4P0TgNHg02bGk3PYQf5ha1xH1Hi0jimz8V2typpiyOW34eZGN4cjbYF4qVgsh0NO1b5wuuydlWufJMxOnehjN3i484TZUjuTkVRLTi4C9xwVKpZxCPaPzWeNEmPp5OffPfW3dotV0m_iL3sNBSbaYNQ2UObALpEXizHS9sg6fZUBPX3B-MjBPqlM1zo7g3ZgbSalFVNk-0amcuHZaC4bjgaSzobuXKoWjK07H4-PUVbHJIs-3ExckcB38Jay2gHem87jHCX0FCH15KyKOBGCXAKCoH70LTh32cRadRHCYACxhvYw7yuPLisz-dBsho7-2Z51_cs3Sm3zUl8ZqS-GCU5uag6obSe_nMsHAy1DWc5bPPWf6XmRufgQkbAQgISo3QJpUDFaQ-fzkGpXbPie7QQuM_OgmOfCTnu-UhYkIqX7CzKU6Ci76-ciBJqmbJ91hSRYnK0tn2NFc34GsCufkxgeoWIP99NF0alRRhCMU8IQCpt8ctfsTiok5MELFMNQSxT1fWGepfsLpkl_B4MSLSvDlQiGu8HQg5A7N_yQrC5Ox24Aad20iKlLXTKffEQxTiHeiexnYUZ7c0TbRGetfMFG61DwbPPGOZyEP92fy-UQsy-K3mvzpaWP3VFbEEi9rGdgLUWTp2aCm0-QEjMcZcExr9_r0n0_Z5AVBWJ0kZHxNRTjwY1hYA5wtK1ePFk86DHk_Ra1wiERWE065NhZIj8NVJ9QSM0sT3W1KNF-JOnII3Ji9BZpkZR4H77ElAu_UXylBAyf60rsHTl1sJK_AQ9gOW2-BomBGGs3LIgkqarHwGEwkR5msHsnxm85iMhXBBYiCfvQ3zbK57SvGouuuPyQtA7eGkoO7gt-NKRhcSA2tQSIZ2lSP8E5GPdHOsZMuZx41TMCvKniWdeiSQRf8P66Jv9UevpODeqRqBfSDB9TSGSWz8tVLAolX26hF7aPeGQQX8w2KJI7kbVBck7fP0GOCoJRU33or_m54NC22RWcUzy8jMuqw7w&sai=AMfl-YQC5BhCnhTR4kRwuNvdklHQkLxBYvZaoVI52-xPs0E7alRWJHXYFC9Y2E8XU07KbHy1LAiQteS-3S35_ISVNCeb9-Jlk2hrtJPyKxg2AIj1kKVGuk3bMSHT0f5C9Y4f-wWBmxanyKca2StaTh-LeWJqK6NiLzQ80P0pqItayZyVLD7tv6VcVh6yhWLxoUAvQ3o1stxf2XXetw-KdtQK9XE-oKgfk8MhpEphvSgdSnBxsWlPE8ITO904czgG_U8uOi6mxzo&sig=Cg0ArKJSzPQFAIFUQr4DEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1358&vt=11&dtpt=954&dett=3&cstd=390&cisv=r20230207.39902&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Feb 2023 03:13:06 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 20C5 2 KB
806 B 66ms
60ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 778
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 14:38:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:25:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 20C5 7 KB
6 KB 91ms
85ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03d1d31e050ffc9225f55b7c54907de11ec61bfc4b1be9cea5efcd278768eaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5615
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 153ms
101ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGMy,pingTime:1,time:1357,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:263%7D,%7Bpiv:0,vs:o,r:l,t:305%7D,%7Bpiv:100,vs:i,r:,t:355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:355,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D,%7Bsl:i,t:355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:805,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265,sis:379%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 154ms
102ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGMy,pingTime:1,time:1358,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:263%7D,%7Bpiv:0,vs:o,r:l,t:305%7D,%7Bpiv:100,vs:i,r:,t:355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:355,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D,%7Bsl:i,t:355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:805,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265,sis:379,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 151ms
102ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmGMz,pingTime:1,time:1358,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:263%7D,%7Bpiv:0,vs:o,r:l,t:305%7D,%7Bpiv:100,vs:i,r:,t:355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:355,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D,%7Bsl:i,t:355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:805,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265,sis:379,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:06 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 300x250_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 20C5 61 KB
17 KB 85ms
80ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ff62e6ab5d3666c1061fc4cccf12efa481151b2b2c291d9fd2688a9de94a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17845
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 09:51:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:28:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 20C5 17 KB
6 KB 150ms
145ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 03:13:06 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 20C5 4 KB
2 KB 59ms
47ms XHR
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:16:33 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 20C5 5 KB
2 KB 77ms
65ms XHR
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:23:23 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 20C5 2 KB
1 KB 78ms
66ms XHR
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:24:52 GMT

GET
H3 200 NH_D_EU_Coffee-European_300x250.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 20C5 77 KB
77 KB 79ms
67ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Coffee-European_300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc37d733f1e46092fe1a503fb59b8c65ecebb452f7eebaa96782f3a1cc579174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:11:29 GMT
x-content-type-options: nosniff
age: 97
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78522
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 08:49:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:26:29 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 20C5 50 KB
50 KB 60ms
48ms Font
font/woff2 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=X7yZnPwl86&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:09:22 GMT
x-content-type-options: nosniff
age: 224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Feb 2023 03:24:22 GMT

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame F464 36 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 12:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 12:01:02 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89DE 0
20 B 80ms
80ms Ping
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1812992532159&version=m202301230201&ct=76&x=1&cor=11860533419592530000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 89DE 43 B
215 B 103ms
103ms Image
image/gif 2600:1f18:1aca:4282:4411:386:33a0:3439
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=96c215f5-a90d-372b-4281-2dcc05170b55&tv=%7Bc:3YmHP4,pingTime:5,time:5357,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:263%7D,%7Bpiv:0,vs:o,r:l,t:305%7D,%7Bpiv:100,vs:i,r:,t:355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:355,n:305,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:263,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1,0~0%5D,as:%5B68~300.250%5D%7D%7D,%7Bsl:o,t:305,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D,%7Bsl:i,t:355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:165,fm:tvCd9q5+11%7C12%7C13%7C14%7C15*.925113%7C151%7C152%7C153%7C161%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:265,sis:379%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4411:386:33a0:3439 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:13:10 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rbc.ua/	1970-01-20 19:12:11	Name: _ga Value: GA1.2.213842210.1676171583
.rbc.ua/	1970-01-20 09:37:37	Name: _gid Value: GA1.2.1679055918.1676171583
.rbc.ua/	1970-01-20 09:36:11	Name: _gat Value: 1
.rbc.ua/	1970-01-20 09:36:11	Name: _gat_editionTracker Value: 1
.rbc.ua/	1970-01-20 09:36:11	Name: _gat_withoutiaTracker Value: 1
.rbc.ua/	1970-01-20 19:04:59	Name: __gfp_64b Value: J2B6dALwnkr6FnVZxCxBjS72yHiqmtFcYqt8gMHGbZf.l7\|1676171583
.hit.gemius.pl/	1970-01-20 09:46:16	Name: Gtest Value: KlxqDMXGQMQGWWnpHC67SqfissGMXP8c25nSGurE-Ug8XBG.
.hit.gemius.pl/	1970-01-20 19:04:59	Name: Gdyn Value: KlShDMXGQMQGWWnpHC67SqfissGMXP8c25nSGurE-Ug8FRxSG7RrGS6Gx4FBFlM2xgGPo1RGF8CBI8l8MG..
.rbc.ua/	1970-01-20 18:57:47	Name: __gpi Value: UID=00000bb3dcc3c34d:T=1676171584:RT=1676171584:S=ALNI_Ma3N1-uDgvw_rnXdkw1fGVQnwtWSQ
.doubleclick.net/	1970-01-20 18:57:47	Name: IDE Value: AHWqTUm99VEAqsRkzYEBq6T6wuaeVdmRYsJV_1J-67ZFmqnhCHHtltGyUXdRFbYuXNk
.rbc.ua/	1970-01-20 18:57:47	Name: __gads Value: ID=e8fab8d53ede2874-223ba1070cdb004b:T=1676171584:S=ALNI_Mbsd8OZ2SssBSsOne7xFKFWirWwNg
.adnxs.com/	1970-01-20 11:45:47	Name: uuid2 Value: 5566516549058173772
.casalemedia.com/	1970-01-20 18:21:47	Name: CMID Value: Y.hZQGw7EKPfCCNvlQDBzgAA
.casalemedia.com/	1970-01-20 11:45:47	Name: CMPS Value: 3394
.casalemedia.com/	1970-01-20 11:45:47	Name: CMPRO Value: 3394
.adnxs.com/	1970-01-20 11:45:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hbxt`$hG!@wnfH8K6pQK`!5=E<L5?%M#/kVdjABw#K1.3a(1+ozB1eA<2BR!?tP'IyGbpRzqF1`b_9d*$<nn
.simpli.fi/	1970-01-20 18:23:13	Name: suid Value: 9D9493A1258F4C7DB168297D0311B7FC
.everesttech.net/	1970-01-20 18:21:47	Name: everest_g_v2 Value: g_surferid~Y_hZQQAAAIirdgAF

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gaua.hit.gemius.pl/xgemius.js(Line 826) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6a8adcf97ea4be9d84b177ce4a33a479.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ls.hit.gemius.pl
m.exactag.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
rbc.ua
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.rbc.ua
104.18.33.19
142.250.180.226
142.251.39.2
146.59.30.96
15.197.193.217
151.101.66.49
185.80.39.216
185.83.142.19
185.89.210.46
213.202.235.8
2600:1f18:1aca:4282:4411:386:33a0:3439
2600:9000:223f:f000:8:48e:53c0:93a1
2606:4700:20::681a:22f
2a00:1450:400c:c1b::65
2a00:1450:400d:802::2002
2a00:1450:400d:802::200a
2a00:1450:400d:803::2002
2a00:1450:400d:805::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::2001
2a00:1450:400d:808::2004
2a00:1450:400d:808::2006
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2001
2a00:1450:400d:80d::2002
2a00:1450:4025:401::9b
34.249.210.67
34.91.62.186
51.38.120.206
51.83.200.186
69.173.144.165
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03d1d31e050ffc9225f55b7c54907de11ec61bfc4b1be9cea5efcd278768eaab
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0ad572029e495c4235b2bc29405f574f45e4f77c60b76ae7f4ae414baff6b662
0b267371f035aa652ececbba65e4b01295c3e476c6b76843c246bf977c3dd10a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce3bd0ddc646ca2386b5c7f5337865a617b1f739833ba623b4ee0fbb1dca32f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
111e8accd85778604951d3929df73b7d62a3cb3ba7881d5a6d3fb5651abce2d1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
40d163a81a60a4f29628f72060ad0fd3749411ea1c24d35a3c7a63d65ec356d2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470fa91fcb0cfe2528500b2b68314ea45fb8e87b0952dcd2ebaa7e5937e51f11
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498fbae28d4de7c0ed8b5d8ce6545532f874d077e29deb670a8bfa19a84967e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52763887b3ee62de1b38cc69f9e495deec57566c9914cb5b7fce604768c05713
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122
5786976ca54a04d8a4a15d3dd6a6c3b9c79226a459959fd24a42c5e221c5a2d5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c3b713a30e0af8135fe7225f880ad7f6ffdec837b9cca15789c6ce9a1a46f2e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
63cfbcc612feb4e41d3792c5630e579d89b1292f4095c057f97e40a7901f24ab
69d9eefe86c6c9c14846ce4b3307ecf807d0b059893c7daac13bee54cf9f2308
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
79aa7b0871292c624f83bd5eccaa620df469a2607b14c341e4ad35a7e9934303
7a37a4e2f1464a5f82bafc1aea9bc92be25447be734467ecdbd5e1874e22551b
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8766f55aadf54eff459c4fe9f597e6bfeb5624e3bff4f8e0cfbc8fb5f2202567
880928b7317600870d543d05557488aa74f775ef0ffb39a469b094624ec289d8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
911e0866d5183467fbc02fcc822a82fe09803286174cda8772a578da965dff44
93adea7bd4231d016e95318ac2a860ab8cd6d8b67b47af8d9f1c51eba2ae928b
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a089edcbfe88652d786c58e47892f72ecb3ae913cc1767763e7ce3113a48a919
a407a25c88eaa1df18f1f229f0a479d762de5b9ec19f14c8a120d44c4546c5af
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e35fc874ebc584a6d3ba217ad3bb5a62ffb225cd16a0c0c5e912fc5ab21baf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b5ea6aa76900136ed243cf3076d034e4753f56b010f20aa5996d089adceab008
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
c42bb42ed6041810abb44416c044cd5534528f113fb58f8eed3ee7452e63ea88
cea77bc6a84d2aacdca75f1b41871a46f14d4370fe5dc4d2471f5e086d647184
d1ff62e6ab5d3666c1061fc4cccf12efa481151b2b2c291d9fd2688a9de94a19
d5951a2ded41941bf6c00b9866ce72f6d5301b48c4aa9938d6be734f7044b9b9
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
dc37d733f1e46092fe1a503fb59b8c65ecebb452f7eebaa96782f3a1cc579174
df213de7df4d4c44e6aafb50afd8879eb80193949f2e849ffafa808efb43ed5c
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8848de9cf0a1559226eb7e721f9102fc885b6ad457d4061ecb05eefe14cbbf5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600
f2ba80bb9100d90b26dd3d622f20b2f8a68173c8bc2c69984ce64175396eb9b2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63e304ec909a252c22d5bb42f34d957b49b1b01a3f9d0a39433f0a409999572
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa19ab413493b004c5957325db711ffde124c52cb5007049f1331dd1302bc774
faa6a9a0e33d5fb21615db43f511620592e7ca57e065748b9720d878f8b89612
fc11b397e0f5082835fd8cb9ad4c6cf14e1b4f0e3727cb993c881c6c4a42e6e0

www.rbc.ua Open in urlscan Pro 2606:4700:20::681a:22f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

91 %HTTPS

53 %IPv6

21 Domains

35 Subdomains

28 IPs

8 Countries

1325 kBTransfer

3277 kBSize

18 Cookies

35 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rbc.ua Open in urlscan Pro
2606:4700:20::681a:22f Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

91 %
HTTPS

53 %
IPv6

21
Domains

35
Subdomains

28
IPs

8
Countries

1325 kB
Transfer

3277 kB
Size

18
Cookies

124 HTTP transactions
4 data transactions