www.rbc.ua Open in urlscan Pro
2606:4700:20::ac43:46e7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rbc.ua.admin-eu2.cas.ms/
Effective URL:
https://www.rbc.ua/
Submission: On December 05 via api (December 5th 2022, 9:01:30 am UTC) from US — Scanned from US

Summary HTTP 88 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 15 domains to perform 88 HTTP transactions. The main IP is 2606:4700:20::ac43:46e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rbc.ua. The Cisco Umbrella rank of the primary domain is 248409.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2022. Valid for: a year.

This is the only time www.rbc.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.151.238.5 52.151.238.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:13:... 2600:141b:13::17d7:825a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 14	2606:4700:20:... 2606:4700:20::ac43:46e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	145.239.237.56 145.239.237.56	16276 (OVH) (OVH)
2	216.151.214.131 216.151.214.131	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	207.198.113.93 207.198.113.93	13768 (COGECO-PEER1) (COGECO-PEER1)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	52.22.219.253 52.22.219.253	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
5	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2006	15169 (GOOGLE) (GOOGLE)
1	13.33.60.82 13.33.60.82	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b01:c358:4544:64b7:3a66	16509 (AMAZON-02) (AMAZON-02)
2	52.22.40.109 52.22.40.109	14618 (AMAZON-AES) (AMAZON-AES)
88	27

1 52.151.238.5 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rbc.ua.admin-eu2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:825a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:46e7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rbc.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.rbc.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81d::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80f::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81c::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.151.214.131 (San Antonio, United States)

ASN13768 (COGECO-PEER1, CA)

node-p2e-gmd8xz.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.93 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.219.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-219-253.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.70 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2006 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.60.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-82.ewr52.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b01:c358:4544:64b7:3a66 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.40.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-40-109.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144	265 KB
14	rbc.ua 1 redirects rbc.ua — Cisco Umbrella Rank: 239684 www.rbc.ua — Cisco Umbrella Rank: 248409	209 KB
13	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 ad.doubleclick.net — Cisco Umbrella Rank: 173 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316	174 KB
8	gstatic.com fonts.gstatic.com	101 KB
6	adrta.com q.adrta.com — Cisco Umbrella Rank: 2561 pix.adrta.com — Cisco Umbrella Rank: 3157 ipv6.adrta.com — Cisco Umbrella Rank: 2741 adrta.com — Cisco Umbrella Rank: 1607	13 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 87	2 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 58336 ls.hit.gemius.pl — Cisco Umbrella Rank: 10826	22 KB
4	sitescout.com 2 redirects node-p2e-gmd8xz.sitescout.com — Cisco Umbrella Rank: 209640 pixel-sync.sitescout.com — Cisco Umbrella Rank: 655	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	109 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 46459	44 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 288	31 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	694 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	1 KB
1	cas.ms rbc.ua.admin-eu2.cas.ms	1 KB
88	15

	Domain	Requested by
13	www.rbc.ua	www.rbc.ua
12	pagead2.googlesyndication.com	www.rbc.ua pagead2.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
8	tpc.googlesyndication.com	5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net rbc.ua.admin-eu2.cas.ms
4	www.google.com	www.rbc.ua tpc.googlesyndication.com
4	www.googletagservices.com	www.rbc.ua 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com www.googletagservices.com
4	gaua.hit.gemius.pl	1 redirects www.rbc.ua gaua.hit.gemius.pl
4	www.google-analytics.com	www.rbc.ua www.google-analytics.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	mcasproxy.azureedge.net	rbc.ua.admin-eu2.cas.ms mcasproxy.azureedge.net
2	adrta.com	pix.adrta.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	q.adrta.com	5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com q.adrta.com
2	pixel-sync.sitescout.com	2 redirects
2	node-p2e-gmd8xz.sitescout.com	rbc.ua.admin-eu2.cas.ms 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
2	5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	s0.2mdn.net	5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	cm.g.doubleclick.net	5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	www.rbc.ua
1	rbc.ua	1 redirects
1	rbc.ua.admin-eu2.cas.ms
88	29

This site contains links to these domains. Also see Links.

Domain
daily.rbc.ua
styler.rbc.ua
travel.rbc.ua
coronavirus.rbc.ua
auto.rbc.ua
realty.rbc.ua
t.me
specials.rbc.ua
marketing.rbc.ua
www.facebook.com

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-14` - `2023-03-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adrta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-07-20`	10 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.rbc.ua/
Frame ID: 7C2CADBE3B8B9505FD5044EA983F023E
Requests: 53 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
Frame ID: 9E74EF86606F7EA0B76CA544BD72F2C0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: BCAEE701C770C64D3013C44052F93596
Requests: 1 HTTP requests in this frame

Frame: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F3A5CC273478EBB2EDE15A2564257B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3325851766052018&output=html&adk=1812271804&adf=3025194257&lmt=1670230887&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.rbc.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670230887091&bpp=4&bdt=475&idt=337&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6926965282847&frm=20&pv=2&ga_vid=1800511182.1670230887&ga_sid=1670230887&ga_hid=910341004&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070994%2C44770880&oid=2&pvsid=2106439875581553&tmod=941806506&uas=0&nvt=1&ref=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=354
Frame ID: 5D976E6DE44AE64DE4C6094287042182
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 88652B7D91CF6F8FD5C0C2FD6EE29C99
Requests: 1 HTTP requests in this frame

Frame: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47DACDF195521DF744BE20EB0F3A2CF6
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9069A95031AA4FC8B9E6EC79632E5B06
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7E7B3D64D2D21B83C3E733BD0B49F31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9681771ECC4245061D28C99A9800C7D5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини - Останні новини України сьогодні | РБК-Україна

Page URL History Show full URLs

http://rbc.ua.admin-eu2.cas.ms/ Page URL
https://rbc.ua/ HTTP 302
https://www.rbc.ua/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

88
Requests

97 %
HTTPS

59 %
IPv6

15
Domains

29
Subdomains

27
IPs

3
Countries

993 kB
Transfer

2349 kB
Size

18
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://daily.rbc.ua/
Title: Daily

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/
Title: Styler

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/
Title: Travel

Search URL Search Domain Scan URL

URL: https://coronavirus.rbc.ua/
Title: Коронавірус

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/analytics
Title: Статті

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/interview
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/opinion
Title: Точка зору

Search URL Search Domain Scan URL

URL: https://auto.rbc.ua/
Title: Auto

Search URL Search Domain Scan URL

URL: https://realty.rbc.ua/
Title: Realty

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/zhizn
Title: Життя

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/persona
Title: Персони

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/intervyu
Title: Події

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/nauka_i_tehnika
Title: Новини науки

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/tsirk
Title: Курйози

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/sport1
Title: Новости спорта

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/teleshou
Title: Телешоу

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/kino_i_serialy
Title: Фільми і серіали

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/voyna
Title: Війна

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/nuzhna_pomoshch
Title: Потрібна допомога

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/author
Title: Наші автори

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/novosti_aviatsii
Title: Новини авіації

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/ukraine
Title: Відпочинок в Україні

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/abroad
Title: Відпочинок за кордоном

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/putevoditeli
Title: Путівники

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/experience
Title: Особистий досвід

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/weekend
Title: Вікенд

Search URL Search Domain Scan URL

URL: https://travel.rbc.ua/rus/columns
Title: Точки зору

Search URL Search Domain Scan URL

URL: https://t.me/RBC_ua_news
Title: Читайте нас в Telegram. Підписуйтесь на наш канал

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/author
Title: Наші автори

Search URL Search Domain Scan URL

URL: https://daily.rbc.ua/rus/show/buduvati-popri-vse-komu-ta-k-tse-vdaetsya-1669110532.html

Search URL Search Domain Scan URL

URL: https://styler.rbc.ua/rus/allnews
Title: Ще новини

Search URL Search Domain Scan URL

URL: http://specials.rbc.ua/
Title: Замовити спецпроект

Search URL Search Domain Scan URL

URL: https://marketing.rbc.ua/
Title: Дослідження ринків

Search URL Search Domain Scan URL

URL: https://www.facebook.com/www.rbc.ua

Search URL Search Domain Scan URL

URL: https://www.facebook.com/messages/t/www.rbc.ua

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rbc.ua.admin-eu2.cas.ms/ Page URL
https://rbc.ua/ HTTP 302
https://www.rbc.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://gaua.hit.gemius.pl/_1670230888125/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=JBNxH6m4zqKRuAE6S3Z.nUi8gx3Cz2Y74NBoHo2XgND.p76.rNN1RGP6tQe.IrTKLOsuN7lB_M4KKgbUG1pq5FWMEUNi/QwrZI4R83IhlC/&fpdata=.jFmtXI5wjzhLU9.bNJ.YlcyhDZyvCnBy0Xudsa2pOL.77&ltime=651&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638db3671c0469cb&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1670230888125/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=JBNxH6m4zqKRuAE6S3Z.nUi8gx3Cz2Y74NBoHo2XgND.p76.rNN1RGP6tQe.IrTKLOsuN7lB_M4KKgbUG1pq5FWMEUNi/QwrZI4R83IhlC/&fpdata=.jFmtXI5wjzhLU9.bNJ.YlcyhDZyvCnBy0Xudsa2pOL.77&ltime=651&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638db3671c0469cb&fpcap=

Request Chain 60

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=aFHpUTUZRYiCytOoA7-jJWONs2g

88 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
rbc.ua.admin-eu2.cas.ms/ 1 KB
1 KB 123ms
34ms Document
text/html 52.151.238.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://rbc.ua.admin-eu2.cas.ms/

Protocol

HTTP/1.1

Server

52.151.238.5 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

503d4d1488ff5bf5376971cc8b7a389133fabfd7d6376b5824afc35b6b19e6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 09:01:25 GMT
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-MCAS-Cache-Status: MISS
X-MCAS-Processing-Time: 2
X-MCAS-Request-Id: 3e4a7c01046431fafffc67da652f62f4
X-MCAS-Upstream-Time: n/a

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.25.27/js/ 5 KB
5 KB 102ms
29ms Script
application/javascript 2600:141b:13::17d7:825a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.25.27/js/session-context-store-helper.min.js
Requested by: Host: rbc.ua.admin-eu2.cas.ms
URL: http://rbc.ua.admin-eu2.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rbc.ua.admin-eu2.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 05 Dec 2022 09:01:25 GMT
last-modified: Mon, 28 Nov 2022 12:42:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Dor7jY9XuhzpOAkbPbiHoQ==
etag: 0x8DAD13DF423BC93
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae5cc9b8-301e-002d-6ea8-071d14000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31440010
x-ms-version: 2009-09-19
content-length: 4832

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.25.27/html/ Frame 9E74 209 B
660 B 27ms
27ms Document
text/html 2600:141b:13::17d7:825a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.25.27/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer: http://rbc.ua.admin-eu2.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31440080
content-length: 209
content-md5: xcQ/+x+i42xZPwR88wJc4A==
content-type: text/html
date: Mon, 05 Dec 2022 09:01:25 GMT
etag: 0x8DAD13DF3C8D8BE
last-modified: Mon, 28 Nov 2022 12:42:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c8a7692b-001e-000a-3ba8-075d29000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.25.27/js/ Frame 9E74 38 KB
38 KB 30ms
29ms Script
application/javascript 2600:141b:13::17d7:825a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.25.27/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 32a4683d0b9bed95299c42225a62878cfb0a3672677b3414ffe0c944b0ed585d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 05 Dec 2022 09:01:25 GMT
last-modified: Mon, 28 Nov 2022 12:42:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: XAreP5js/x2mOMwXICadTg==
etag: 0x8DAD13DF3F3B2FC
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae5cca42-301e-002d-61a8-071d14000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31440096
x-ms-version: 2009-09-19
content-length: 38765

GET
H2

200

Primary Request / Show response
www.rbc.ua/
Redirect Chain

https://rbc.ua/?
https://www.rbc.ua/

173 KB
50 KB

504ms
491ms

Document
text/html

2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60de375364a31217bed1be32ebbffb054bfcec34b44e153f83da9db44b6daee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://rbc.ua.admin-eu2.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 774b98de5e6dc466-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Dec 2022 09:01:26 GMT
id: 1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mM0YNWs9u4pSPAE%2BfuZ3rswEFQzgMylOGibT3zM5tgBRRJU4IWvjD1a%2FPQLS3pDAd6%2Blnhav2bGMHgzK%2FvIAuB6tfoK4iCmML0dnQAMYjOTc4WRz9lYi%2BuGzHvvPxytfvZsiO74KbgA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-cache: HIT
x-page-speed: 1.13.35.2-0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 774b98dbec05c466-EWR
content-length: 138
content-type: text/html
date: Mon, 05 Dec 2022 09:01:26 GMT
location: https://www.rbc.ua/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSnXPO6UDBTa7DHINg1Q0wl26xhfQKHRAUihTiNV8j4GZjxP8KKudJ9Zxhh24dbsoufiyCbBkY9KwE1f9bqD2LYez2WapEyC92QBWlPrjEvQGXcFCqEaAnMXA4gJpzySpBuHvA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 127ms
53ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5951a2ded41941bf6c00b9866ce72f6d5301b48c4aa9938d6be734f7044b9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 09:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:30:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 09:01:26 GMT

GET
H2 200 big-logo.svg
www.rbc.ua/static/common/imgs/ 5 KB
2 KB 35ms
35ms Image
image/svg+xml 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/common/imgs/big-logo.svg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10136680
last-modified: Tue, 26 Jan 2021 09:25:46 GMT
server: cloudflare
etag: W/"600fe01a-14f5"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJMP0la9%2FLkETfii%2FrUMVA56QYjB2L%2FMtua0lIpB8AWYTaqTh2z0Y0bRzoDYHxjwXg862EK3dbMnEWi9k7uKR5TaQOOzG0lX3j1RgzPIVXBiBL1wCMuATfUBkvU72Qd6kLGxHkm8Z7I%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 774b98e1797ac466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 287ms
27ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 07:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4501
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 05 Dec 2022 09:46:25 GMT

GET
H2 200 _gettyimages_1239768316_5_650x410.jpg
www.rbc.ua/static/img/_/g/ 50 KB
51 KB 37ms
34ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/g/_gettyimages_1239768316_5_650x410.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226d09e592cc13f6111339043db2b9e10a33ece7f886abc8ecdc39e95f9ee2d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13487
content-length: 51632
cf-bgj: h2pri
last-modified: Sun, 04 Dec 2022 20:44:19 GMT
server: cloudflare
etag: "638d06a3-c9b0"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h4cgEnmzAEFOjue5W480usmz%2F0l0pcuqiI4Yo4jRYRAkDzhflTYsYTarsazRCHn9B%2Fb%2FBf8gpxrjLROH4phoZN5X7bYc0wrajGUZ6BEYr7Ug5eHNcmVfKOMO3NTNAX73rGE4ppNbsk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e1fa09c466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _vibuh__gettyimages_1240131423_18_300x189.jpg
www.rbc.ua/static/img/_/v/ 5 KB
6 KB 35ms
33ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/v/_vibuh__gettyimages_1240131423_18_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 044364876541ee5170f6951cd5d75de5a7e63e8ec828bf994b6839cbd0d6529b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3915
content-length: 5301
cf-bgj: h2pri
last-modified: Mon, 05 Dec 2022 07:15:22 GMT
server: cloudflare
etag: "638d9a8a-14b5"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VaJmeWm8kwsHNFutoiYVzZCXj6ao1Fi6znpUD7aB99IOZwFn15wmhbIlSMO1XIq%2BsLHYm6gqOl1ElhWttonXPIjY7L1SEGZf9yBDoWgiVv4zttWNCFJuIsZqurylYwRHhY%2F2Dg3mSY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e1fa0cc466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _su_25_gettyimages_1403283836_30_300x189.jpg
www.rbc.ua/static/img/_/s/ 5 KB
5 KB 48ms
46ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/s/_su_25_gettyimages_1403283836_30_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9145bb0930e2dca11df3a7a156360b68b41c0f156720637b276c49db2d750061

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3915
content-length: 5269
cf-bgj: h2pri
last-modified: Mon, 05 Dec 2022 06:59:57 GMT
server: cloudflare
etag: "638d96ed-1495"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rc2ti5t9Ap7WyBJOD%2BFtJCkVyU95D%2F3xaF17kaKGUvhWG7tvGWWMnhayxhZDxSA6ZlHpH8FhUTcTwqZVqmTbgoBatZyXH8Gs8z8%2FRBCy9gP9n4LJPfVW51e84WbEoT9v6rsmUaxj6s%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e1fa0dc466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _vps_ukrayini_zapuskae_raketni_raketi_nad_bahmutom_gettyimages_1244306655_300x189.jpg
www.rbc.ua/static/img/_/v/ 7 KB
7 KB 49ms
47ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/v/_vps_ukrayini_zapuskae_raketni_raketi_nad_bahmutom_gettyimages_1244306655_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a48cb9b3a2ce9f869525a77b2cad72f4095758aa3874dec4992c71d50402fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10199
content-length: 6676
cf-bgj: h2pri
last-modified: Mon, 05 Dec 2022 05:07:15 GMT
server: cloudflare
etag: "638d7c83-1a14"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBib9q9WQmR7ZMuHcDNWTcWO2irYDsf%2BbAm01W49Ro349OKxrtDn73feOPCUAEzjOIoR19cDZJVzaCeUKhroglaGH0SI8fPfBUgVPfniJ%2FQUX5Tb%2BzQiP19c3jzwKHFOb%2Ft1YDL6LVQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e20a0ec466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _gcaptain_com_4_300x189.jpg
www.rbc.ua/static/img/_/g/ 7 KB
8 KB 50ms
48ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/g/_gcaptain_com_4_300x189.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4194bcf5e9c2c08371c78e666e96a28bf577f2ed94d83471f4a4d254fce4ccc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10199
content-length: 7422
cf-bgj: h2pri
last-modified: Fri, 02 Dec 2022 18:22:20 GMT
server: cloudflare
etag: "638a425c-1cfe"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS2NuNXCBsNmLIx7QCekWWh3k56BytYh7wF918mPDwbN3TDH3GTJEN1Sk3olQ4f8%2F7Z%2BZ6cTem4cB4Qzul94dzBO9TaP9XyAolaZAjY%2B8jskIZ3EzEQhjtrnFL%2BxMU0lkiN9uUE6owY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e20a11c466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pxl.gif
www.rbc.ua/static/common/imgs/ 807 B
1 KB 51ms
50ms Image
image/gif 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/common/imgs/pxl.gif
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16070964
content-length: 807
server: cloudflare
etag: "600fe01a-327"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le2kI2ctpUezOUj0DqmuhRK9wrNtGOZPvBWD1EG7lPJ45DbBLHPnGiHfcxZBFxqQkOuL3vLnW9PhvdQ1YFpuKLsSohEt6TaAW1FeO5%2BAcJBjhtZ8xrjLN%2FGwxqF6vYy7WOPtzetXofE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e20a12c466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2___2670_100x100.jpg
www.rbc.ua/static/img/2/_/ 3 KB
3 KB 43ms
42ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/2/_/2___2670_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63e304ec909a252c22d5bb42f34d957b49b1b01a3f9d0a39433f0a409999572

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10095213
content-length: 2907
cf-bgj: h2pri
last-modified: Wed, 10 Aug 2022 11:55:17 GMT
server: cloudflare
etag: "62f39ca5-b5b"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnTf%2FZiBVhMXE80vFnKdackeAUllp8IbE7bLeqb9iAPZdj%2BHModpUtOZIo4py88JfJgAwEQM5kOQI%2FkmANHN8Q9Q0i9ZwQUwXCVwCtnoBoNpfeoRfiiJjCW0%2FgD%2Fmqn6eot4PVSwNwU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e24a4ec466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _200h200_100x100.jpg
www.rbc.ua/static/img/_/2/ 3 KB
4 KB 43ms
43ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/_/2/_200h200_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a725aa195e98effce4431ed91c532c12cf542d41db5da3f6c361beb9e735ac99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1112467
content-length: 3530
cf-bgj: h2pri
last-modified: Tue, 22 Nov 2022 11:23:03 GMT
server: cloudflare
etag: "637cb117-dca"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBFyMb3knZnXpEOfZFQW0m9AuzYlutpX8r3EPAivgYCt0xEm8osWA8ysHkZMBP1FM5UU%2BFZg%2FJDJ7DP9zo31fGpc%2Bdj%2FdLIjywPeQHqv0lCmL6diNnNluAkxyCrJgfuH%2BhE9yzQtycQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e24a4fc466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 200h200_profile_uriel__2_5_100x100.jpg
www.rbc.ua/static/img/2/0/ 3 KB
3 KB 44ms
43ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/2/0/200h200_profile_uriel__2_5_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911e0866d5183467fbc02fcc822a82fe09803286174cda8772a578da965dff44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629208
content-length: 2768
cf-bgj: h2pri
server: cloudflare
etag: "6374cfa6-ad0"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1LQg7QCCEhMzEfTSGWwGsmKRBJSpepG%2BK%2FQB1zEOUCDXnxguVzv9Z7UaiTVx9TM7iYGY8siJdA67mBnkjZYku8ufyxl0srQW2g0GJAEtx7h6BLJQEa0ROX%2Fyw8dl5zuZT%2BMKsmVVQk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e24a51c466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4__3__7_100x100.jpg
www.rbc.ua/static/img/4/_/ 3 KB
3 KB 43ms
43ms Image
image/jpeg 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ua/static/img/4/_/4__3__7_100x100.jpg
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983e01efb541530c468e1facfcd20a5eb7d8858f637eb2410788c8144df40986

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2243058
content-length: 3184
cf-bgj: h2pri
last-modified: Wed, 10 Aug 2022 11:13:38 GMT
server: cloudflare
etag: "62f392e2-c70"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ca5LObON8ZqtQfJxTVow81SGkPvX%2BqVWzSbvPRYjyfaTeQ2X1fTT2%2FyMVmOdyCGp230EWnyg2jKAG0kD9XCpHscJ%2BIU5Dk77Vj3oq3Jl4PXdwpRM7nbvsO2QdPoP2wQszLEsB%2B9ubD4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 774b98e24a54c466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.js Show response
www.rbc.ua/static/production/ 204 KB
65 KB 40ms
40ms Script
application/javascript 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rbc.ua/static/production/desktop.js?1.55
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea77bc6a84d2aacdca75f1b41871a46f14d4370fe5dc4d2471f5e086d647184

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 208976
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16070964
server: cloudflare
etag: W/"627a3194-33050"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qENoiMZ3tgY8erIogl3nS4ay6NclYAcpG%2BD9yC6CBtuOej0xn2Idbdxla7%2F1QXZSXUB1sGUhCs4q15nY2TDsc179XqorvfxTnYmGwb%2FZqGZ3Z40UipJjDXqeHBNZf2SkE8Cokvyy2Qc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 774b98e23a43c466-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 268ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c064f32762729dccb54487dedba11d43eb0b339e83a29e1cfd6de71316ace9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48926
x-xss-protection: 0
server: cafe
etag: 14168200860414002119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:01:26 GMT

GET
DATA 200
OK truncated
/ 610 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 904 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab69f842348dcfe5859c97a6cfd4792ab7f806418cdafc4e602c16cc20300c28

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 169ms
27ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 394162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:32:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 206ms
64ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 08:00:30 GMT
x-content-type-options: nosniff
age: 435656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 08:00:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 181ms
39ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 254208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 10:24:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 222ms
80ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:37:30 GMT
x-content-type-options: nosniff
age: 393836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:37:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 195ms
54ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 08:03:56 GMT
x-content-type-options: nosniff
age: 435450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 08:03:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 215ms
74ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 06:14:57 GMT
x-content-type-options: nosniff
age: 269189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 06:14:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 209ms
83ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:36:15 GMT
x-content-type-options: nosniff
age: 393911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:36:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 181ms
69ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rbc.ua
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:36:27 GMT
x-content-type-options: nosniff
age: 393899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:36:27 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 410ms
128ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17204
expires: Mon, 05 Dec 2022 21:01:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
437 B 136ms
51ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11428483-1&cid=1800511182.1670230887&jid=1677704585&gjid=1740165731&_gid=459025595.1670230887&_u=YGDAgEABAAAAAEAAI~&z=2022022393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 09:01:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
144 B 51ms
51ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=910341004&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&dr=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=1329951000&gjid=1238150011&cid=1800511182.1670230887&tid=UA-11428483-16&_gid=459025595.1670230887&_r=1&_slc=1&z=554792533

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 52ms
51ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=910341004&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&dr=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=571533322&gjid=855879751&cid=1800511182.1670230887&tid=UA-11428483-19&_gid=459025595.1670230887&_r=1&_slc=1&z=663104090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 26ms
25ms Image
image/gif 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=910341004&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rbc.ua%2F&dr=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%7C%20%D0%A0%D0%91%D0%9A-%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAAAAI~&jid=1677704585&gjid=1740165731&cid=1800511182.1670230887&tid=UA-11428483-1&_gid=459025595.1670230887&cd3=business&cd5=2602%3Affc8%3A2%3A104%3A%3A12&cd6=2602%3Affc8%3A2%3A104%3A%3A12&z=1824281911

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 03:42:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 134ms
52ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5fa943d73e8fd1f72fdd0eacfbe281ce0dd2ff321b4cb2d02e2ee9f180a76d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27500
x-xss-protection: 0
server: sffe
etag: "1412 / 862 of 1000 / last-modified: 1670022376"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 05 Dec 2022 09:01:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 51ms
50ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11428483-16&cid=1800511182.1670230887&jid=1329951000&gjid=1238150011&_gid=459025595.1670230887&_u=YGDAAEABAAAAAGAAI~&z=355757351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 09:01:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 51ms
51ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11428483-19&cid=1800511182.1670230887&jid=571533322&gjid=855879751&_gid=459025595.1670230887&_u=YGDAAEABAAAAAGAAI~&z=721400440

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rbc.ua/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 09:01:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 258ms
203ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1afaaca9d81e03cba1b764611b2bf25fa8a7b8845bf971ccd1099c7fe1cae29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119143
x-xss-protection: 0
server: cafe
etag: 9910620994366415205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:01:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame BCAE 10 KB
5 KB 90ms
26ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3325851766052018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 52467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 18:27:00 GMT
etag: 10353107486223812946
expires: Sun, 18 Dec 2022 18:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 116ms
55ms Image
image/gif 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-1&cid=1800511182.1670230887&jid=1677704585&_u=YGDAgEABAAAAAEAAI~&z=994660936

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 110ms
53ms Image
image/gif 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-16&cid=1800511182.1670230887&jid=1329951000&_u=YGDAAEABAAAAAGAAI~&z=845605597

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 110ms
54ms Image
image/gif 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11428483-19&cid=1800511182.1670230887&jid=571533322&_u=YGDAAEABAAAAAGAAI~&z=1661293045

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022112901.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 89ms
25ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133261
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 09:37:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Dec 2023 01:15:07 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 264 B
759 B 188ms
127ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.rbc.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5ea6aa76900136ed243cf3076d034e4753f56b010f20aa5996d089adceab008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:01:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 117ms
50ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rbc.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 632ms
578ms XHR
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2106439875581553&correlator=4293638550877525&eid=31068367&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=67465299%2CRBC_main_pages_premium_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3409417865&sfv=1-0-40&cust_params=site_variables%3Drus%252Cwwwsite&sc=1&cookie_enabled=1&abxe=1&dt=1670230887376&lmt=1670230887&dlt=1670230886616&idt=713&adxs=1150&adys=533&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.rbc.ua%2F&ref=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&frm=20&vis=1&psz=300x2318&msz=300x-1&fws=0&ohw=0&ga_vid=1800511182.1670230887&ga_sid=1670230887&ga_hid=910341004&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebd803dd95fe5ee8958f809a3bd868cf8f4d30057ec5ff6fdfae78d71530d284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10326
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rbc.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F3A 6 KB
3 KB 127ms
50ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 09:01:27 GMT
expires: Tue, 05 Dec 2023 09:01:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
694 B 110ms
49ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.rbc.ua&callback=_gfp_s_&client=ca-pub-3325851766052018&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33cb30424c1ac6b96a65175dfae2c01a14b278b965f20e2c535f9006ef03c2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.rbc.ua%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.rbc.ua
URL: https://www.rbc.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D97 0
19 B 151ms
98ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3325851766052018&output=html&adk=1812271804&adf=3025194257&lmt=1670230887&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.rbc.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670230887091&bpp=4&bdt=475&idt=337&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6926965282847&frm=20&pv=2&ga_vid=1800511182.1670230887&ga_sid=1670230887&ga_hid=910341004&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070994%2C44770880&oid=2&pvsid=2106439875581553&tmod=941806506&uas=0&nvt=1&ref=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 09:01:27 GMT
expires: Mon, 05 Dec 2022 09:01:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 275 B
390 B 128ms
128ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.rbc.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: dd8d8fcb8fdd7530c2acc2b20f076bcdac034f996a6b269cfb4246a27fe7b974

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 275
expires: Wed, 04 Jan 2023 09:01:27 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 8865 5 KB
3 KB 622ms
131ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 043327c8ed314321b8a9e283ffdfd0b4846a7d598d2899a4bf8bc1c9031ec82a

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2713
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 09:01:28 GMT
etag: PRIVATE7520710249
expires: Wed, 04 Jan 2023 09:01:28 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 container.html Show response
5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47DA 6 KB
3 KB 116ms
62ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 09:01:27 GMT
expires: Tue, 05 Dec 2023 09:01:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1670230888125/
Redirect Chain

https://gaua.hit.gemius.pl/_1670230888125/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww...
https://gaua.hit.gemius.pl/__/_1670230888125/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
425 B

252ms
252ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1670230888125/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=JBNxH6m4zqKRuAE6S3Z.nUi8gx3Cz2Y74NBoHo2XgND.p76.rNN1RGP6tQe.IrTKLOsuN7lB_M4KKgbUG1pq5FWMEUNi/QwrZI4R83IhlC/&fpdata=.jFmtXI5wjzhLU9.bNJ.YlcyhDZyvCnBy0Xudsa2pOL.77&ltime=651&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638db3671c0469cb&fpcap=
Requested by: Host: www.rbc.ua
URL: https://www.rbc.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 795922bcd44a336d554785d80c13a29b206b7aff5d0caca903898a35016dd9b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:28 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Sun, 04 Dec 2022 09:01:28 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:28 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1670230888125/rexdot.js?l=100&sendf=8&id=.XA6P6MEZv6QQwBNqHFPaMeBj1i8DA9UFtzsAd52vxL.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.rbc.ua%2F&ref=http%3A%2F%2Frbc.ua.admin-eu2.cas.ms%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=JBNxH6m4zqKRuAE6S3Z.nUi8gx3Cz2Y74NBoHo2XgND.p76.rNN1RGP6tQe.IrTKLOsuN7lB_M4KKgbUG1pq5FWMEUNi/QwrZI4R83IhlC/&fpdata=.jFmtXI5wjzhLU9.bNJ.YlcyhDZyvCnBy0Xudsa2pOL.77&ltime=651&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638db3671c0469cb&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 04 Dec 2022 09:01:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 47DA 0
0 65ms
64ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3X7tZ7ONY5TIHofZogaJpoDQDoWYsrBs64T-sKcQwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItOTYxNDAyMTcxMDUwNjkxNMgBCeACAKgDAaoEkQJP0JadgdZ-lcVDst8NFwgeYaFx0i8662ize_NEz8-g54uqiP5bJCLAX3Aa158BAwhIbmpOj-xkYGsynTNe3GzLGRDbEJ48ec7Y4TAiBCzZ6Yr-cRS9Glu_1CjVc0-_c3cwUHCn3WhIt_bueBAhPJIQ32iXZeih9SM5_X84lcPUwgy7d5nOD70OxMjDvewTui99hdB3_e6l0PAFqGYShSyRJkXw8ASs481gcH0QEYz81HWw7tNvzMS3dcq_kE825ThecL0RcEW-j3culOIs96UoZYB3ZTHh4gsTY_DRG-5V2kb5I8pDdxDnvLRnvvAe4bVdfDD-S01Hl9E6016RBIa6-fPyj3n90NHzfcrxG7Ye9TzgBAGABrL9r6mfqcnXIqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTk2MTQwMjE3MTA1MDY5MTQY-_YS&sigh=7_gtF8GLCHE&uach_m=[UACH]&cid=CAQSSwDq26N94u2M4P5PCd1wJgiEU8QnILebePfdkNbGecEWJpJjEdwyUaKbkWu2lxMt7eSIvisu6JvGz1g8dZi7pgRTzhu3rgAUZTRadxgBIBM
Requested by: Host: rbc.ua.admin-eu2.cas.ms
URL: http://rbc.ua.admin-eu2.cas.ms/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 200
OK aid:638db367bde3a22906730008;cid:2281467;arid:112738;c:Y42zZwAHpBQKyKyHAAATCd5PpTTKT9XJAxp0NA;bexp:1800;uih:07fb3a20;vtc:1
node-p2e-gmd8xz.sitescout.com/adx/win/ Frame 47DA 0
0 147ms
29ms Fetch 216.151.214.131
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://node-p2e-gmd8xz.sitescout.com/adx/win/aid:638db367bde3a22906730008;cid:2281467;arid:112738;c:Y42zZwAHpBQKyKyHAAATCd5PpTTKT9XJAxp0NA;bexp:1800;uih:07fb3a20;vtc:1
Requested by: Host: rbc.ua.admin-eu2.cas.ms
URL: http://rbc.ua.admin-eu2.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.151.214.131 San Antonio, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: A /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 09:01:28 GMT
Server: A
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,no-cache,no-store
Connection: close
Content-Length: 0
Expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 47DA 28 KB
11 KB 79ms
25ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 05 Dec 2022 09:12:53 GMT

GET
H/1.1 200
OK aid:638db367bde3a22906730008;cid:2281467;arid:112738;c:Y42zZwAHpBQKyKyHAAATCd5PpTTKT9XJAxp0NA;bexp:1800;uih:07fb3a20;vtc:1
node-p2e-gmd8xz.sitescout.com/adx/px/ Frame 47DA 43 B
683 B 146ms
30ms Image
image/gif 216.151.214.131
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node-p2e-gmd8xz.sitescout.com/adx/px/aid:638db367bde3a22906730008;cid:2281467;arid:112738;c:Y42zZwAHpBQKyKyHAAATCd5PpTTKT9XJAxp0NA;bexp:1800;uih:07fb3a20;vtc:1
Requested by: Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.151.214.131 San Antonio, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: A /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 09:01:28 GMT
Server: A
Content-Type: image/gif
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control: max-age=0,no-cache,no-store
Connection: close, close
Content-Length: 43
Expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 47DA
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=aFHpUTUZRYiCytOoA7-jJWONs2g

170 B
502 B

112ms
51ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=aFHpUTUZRYiCytOoA7-jJWONs2g

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=aFHpUTUZRYiCytOoA7-jJWONs2g
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 aa.js Show response
q.adrta.com/ Frame 47DA 887 B
1 KB 121ms
33ms Script
application/javascript 52.22.219.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/aa.js?cb=1670230887576
Requested by: Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.219.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-219-253.compute-1.amazonaws.com
Software: nginx /
Resource Hash: de7ae0a25ce3789000a6f07064d19df47c56d9f1116fbb761945f487c0f5d7b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 09:01:28 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 47DA 3 KB
1 KB 35ms
33ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 01:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 01:28:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 47DA 18 KB
8 KB 31ms
29ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 18:53:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 18:53:49 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 47DA 24 KB
6 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 07:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Dec 2023 07:38:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47DA 155 KB
47 KB 129ms
77ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 09:01:28 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 47DA 60 KB
23 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 20:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 20:12:54 GMT

GET
H2 200 B28103821.341175198;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;kw=%5Burl_encoded_publisher_data%5D;dc_adk=623461844;ord=l3mi87;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253F... Show response
ad.doubleclick.net/ddm/adj/N254002.3027484BASISDSP/ Frame 47DA 54 KB
27 KB 161ms
91ms Script
text/javascript 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N254002.3027484BASISDSP/B28103821.341175198;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;kw=%5Burl_encoded_publisher_data%5D;dc_adk=623461844;ord=l3mi87;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3U4aZ7ONY5TIHofZogaJpoDQDoWYsrBs64T-sKcQwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItOTYxNDAyMTcxMDUwNjkxNMgBCeACAKgDAaoElAJP0JadgdZ-lcVDst8NFwgeYaFx0i8662ize_NEz8-g54uqiP5bJCLAX3Aa158BAwhIbmpOj-xkYGsynTNe3GzLGRDbEJ48ec7Y4TAiBCzZ6Yr-cRS9Glu_1CjVc0-_c3cwUHCn3WhIt_bueBAhPJIQ32iXZeih9SM5_X84lcPUwgy7d5nOD70OxMjDvewTui99hdB3_e6l0PAFqGYShSyRJkXw8ASs481gcH0QEYz81HWw7tNvzMS3dcq_kE825ThecL0RcEW-j3culOIs96UoZYB3ZTHh4gsTY_DRG-5V2kb5I8pDdxDnvLRnvrIcwSfzoLD0qs02Ql1POfpuDq7n1-slQe2IOn9RVebpt06G_90AkuXgBAGABrL9r6mfqcnXIqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1XsKxwf3kqhLcaVCbo2aiaEEVKlw%2526client%253Dca-pub-9614021710506914%2526adurl%253Dhttps%25253A%25252F%25252Fclickserv.sitescout.com%25252Fclk%25252F8de2aa9bd9382842%25252F375b1b97d89da2d5%25252F638db367bde3a22906730008%25252F0%25253Fr%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.rbc.ua%2F$0;xdt=1;crlt=hfv6pLeeoz;gcsr=m;stc=1;chaa=1;sttr=42;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

4799c42120453d63e0148e9e60c64ae458dc4a7d48911dd060f72b480a3d651e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26622
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 47DA 8 KB
3 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N254002.3027484BASISDSP/B28103821.341175198;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;kw=%5Burl_encoded_publisher_data%5D;dc_adk=623461844;ord=l3mi87;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3U4aZ7ONY5TIHofZogaJpoDQDoWYsrBs64T-sKcQwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItOTYxNDAyMTcxMDUwNjkxNMgBCeACAKgDAaoElAJP0JadgdZ-lcVDst8NFwgeYaFx0i8662ize_NEz8-g54uqiP5bJCLAX3Aa158BAwhIbmpOj-xkYGsynTNe3GzLGRDbEJ48ec7Y4TAiBCzZ6Yr-cRS9Glu_1CjVc0-_c3cwUHCn3WhIt_bueBAhPJIQ32iXZeih9SM5_X84lcPUwgy7d5nOD70OxMjDvewTui99hdB3_e6l0PAFqGYShSyRJkXw8ASs481gcH0QEYz81HWw7tNvzMS3dcq_kE825ThecL0RcEW-j3culOIs96UoZYB3ZTHh4gsTY_DRG-5V2kb5I8pDdxDnvLRnvrIcwSfzoLD0qs02Ql1POfpuDq7n1-slQe2IOn9RVebpt06G_90AkuXgBAGABrL9r6mfqcnXIqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1XsKxwf3kqhLcaVCbo2aiaEEVKlw%2526client%253Dca-pub-9614021710506914%2526adurl%253Dhttps%25253A%25252F%25252Fclickserv.sitescout.com%25252Fclk%25252F8de2aa9bd9382842%25252F375b1b97d89da2d5%25252F638db367bde3a22906730008%25252F0%25253Fr%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.rbc.ua%2F$0;xdt=1;crlt=hfv6pLeeoz;gcsr=m;stc=1;chaa=1;sttr=42;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 13:19:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47DA 0
0 126ms
58ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyTEFz-awf5CO-rRnCBYoXASx40c3gj3Ei9RUg7l8OuM6bDPFXXpJhCi2lr8_Pf04OLxgi3mKLSql5mmZGJU3DNAfUi94wGjtAjQKXWmCcbuO0A95MLc44PHWZGBXJkvzx-DW3f-uO6EQFT3VEF7Lns6h9&sai=AMfl-YRhadER4BLb8pJJCcbC5pSxcXvNdwzvHxK23EW4H5Mya8z20_7Wei21nVL5IyzROatX2hQ3l5ptl_aMJiUKxB8fxom4w3bAMfvDPS6K&sig=Cg0ArKJSzId4dQidGmwhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.95876&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:01:28 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 47DA 41 KB
15 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 05:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 05:12:10 GMT

GET
H2 200 9829020566263581033
s0.2mdn.net/simgad/ Frame 47DA 30 KB
31 KB 86ms
26ms Image
image/jpeg 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9829020566263581033

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e111ab124368adb62bdc7513c5d16627c2d7441691a11507bfb6827b7dd063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 07:40:32 GMT
x-content-type-options: nosniff
age: 4856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31008
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 15:31:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 07:40:32 GMT

GET
H2 200 r.js Show response
q.adrta.com/ Frame 47DA 107 B
314 B 35ms
34ms Script
application/javascript 52.22.219.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/r.js?v=22.110&rcb=272816&cb=1670230887576
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1670230887576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.219.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-219-253.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 09c67308345a1edf95ae09dde21e355213f7476f2d8337961a3cbc6a101cf113

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 09:01:28 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 47DA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cdacbbf0da5e2b03ee20b819fe4b3b40af2f8a4098a104758cd58b0b323f871

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9069 22 KB
8 KB 26ms
26ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 272957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 05:12:11 GMT
expires: Sat, 02 Dec 2023 05:12:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47DA 0
0 117ms
56ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyTEFz-awf5CO-rRnCBYoXASx40c3gj3Ei9RUg7l8OuM6bDPFXXpJhCi2lr8_Pf04OLxgi3mKLSql5mmZGJU3DNAfUi94wGjtAjQKXWmCcbuO0A95MLc44PHWZGBXJkvzx-DW3f-uO6EQFT3VEF7Lns6h9&sai=AMfl-YRhadER4BLb8pJJCcbC5pSxcXvNdwzvHxK23EW4H5Mya8z20_7Wei21nVL5IyzROatX2hQ3l5ptl_aMJiUKxB8fxom4w3bAMfvDPS6K&sig=Cg0ArKJSzId4dQidGmwhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=162&vt=11&dtpt=161&dett=2&cstd=0&cisv=r20221110.95876&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:01:28 GMT

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame 47DA 31 KB
11 KB 121ms
37ms Script
application/javascript 13.33.60.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=22.110
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1670230887576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-82.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 026a0554646b85cca7266d6f966f533546ff6d85e5d8dd8544ac782176752a3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: Xnn_PUyruVbClLXjAUevk3KGgl_dQaDB
content-encoding: gzip
via: 1.1 542aa1c3fd7431ac31b596fde254f388.cloudfront.net (CloudFront)
date: Sun, 04 Dec 2022 22:47:06 GMT
last-modified: Mon, 21 Nov 2022 08:58:43 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 36863
etag: W/"4904e2e0b3f728c31a78c805552ba248"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GJhijQtwF9aXFFldvoliqDuM0jGIAlh3u6qFso_EBILjS5JmfyUSSw==

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9069 36 KB
16 KB 29ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 06:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 06:18:03 GMT

GET
H2 200 / Show response
ipv6.adrta.com/ Frame 47DA 130 B
246 B 249ms
77ms Script
text/javascript 2600:1f14:b4f:4b01:c358:4544:64b7:3a66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.adrta.com/?callback=_1670230888995

Requested by

Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:b4f:4b01:c358:4544:64b7:3a66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1ba3c755bbcb6fb49c392d4cd0146e3c02146bc424906b7ce3babaa094b100a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
content-type: text/javascript; charset=utf-8

GET
H2 200 i Show response
adrta.com/ Frame 47DA 144 B
272 B 125ms
33ms Script
text/javascript 52.22.40.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=47159505&__aasv=22.111&__aaii=3375880740352272490&__aait=1670230888760&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=9&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=3&__aart=11&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1670230887576&__aaxf=96.9.249.34%2C%2010.1.1.118&__aaci=ss&paid=ss&avid=112738&caid=2281467&publisherId=pub-9614021710506914&kv5=1&plid=6471311&segment=&kv4=2602%3Affc8%3A2%3A%3A&kv14=&kv1=300x250&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=638db367bde3a22906730008&kv3=&kv55=1.0,1!google.com,pub-9614021710506914,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&kv2=https%3A%2F%2Fwww.rbc.ua%2F&__aapu=https%3A%2F%2F5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&__aapr=https%3A%2F%2Fwww.rbc.ua&__aatu=https%3A%2F%2Fwww.rbc.ua
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.110
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.40.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-40-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41a042b38c23c70eb8c87d86129fabd3d3673bf5514d4fb815eb4948179cbae3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Mon, 05 Dec 2022 09:01:29 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9069 0
20 B 56ms
56ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW-AQaLONY8z7I4u-yQOFxqyQBwAAAAA4AeAEAg&bg=!VValVhLNAAbvMpMzzzI7ACkAdvg8WlOnCH5iJSv14w9fpfPvHLVNiHB1ILV6Tt9UEJJk2RNouo0UwgIAAABkUgAAAAJoAQeZAvkFSHTOBuwHkOXQqx_0hcsikYaBU7gf55jjBUXex_rTzkJtv8LJuVJ-yj--AvM4BXNDraAHdA8zk1Jw1Wzra4iCClg9AW_E5gBG4j5mRLHQ1qX2Kxs1Tx-DhJaonZXgVGqSC-Oqoq4LfMnkU68HwRplOxz3g0z80WdtbHpEPuPZcxb6r2iK8Gmc92cFwz3qOjBGyiuQLGrC0scgLd3iTNMbsRwcHaqtlP0YVqriQHy03xslUhrGNgnuIOaFoAPKp-MvR4o5X3DQovMFo6Yz9PMNEb37oeKjQ1cNj0gD_hiEHZwJX2gg3DHCNnwPwoWDVO4T6sazyNzFvC1wFYSTg0-PBShS7EQN6RYx_cd357TnyErCXVQ3mM2MI0_eg2vScHBFwyXRS6v2d1QS6ekCOTqYpTpS0xn8BAyFFoNlR0DhDXfCcPp8VXgKo1dbhJsxaVGYOAUALr1_pcaDCrwz1jFrajeW2tqt1rIxWHQfbEE2dm7TW8OpJ_x5_wYFGByEXijgIty1NJMqjmS38sUibqkcvrYOBLxPbf3Okz8RS3s8NAK8DQ9S90IwNr07ivgsK4ZQDt5Z2BWzmKfD_PR_gLmz3m4ixAdzz5KQHGU2VRRqY8UWVYin6hJpafPQBJF8N1UcJARQb788WS4IuN-HO9EtK4VGNHvpGG-sPUne97Sxn0T6NkSL7cHcO_yYLj0ugIjYP7_8u7d3JxxOFaD_9xEiBHyx73Vti-vnqBI5G8gRfWKtB6_mCgCigiUcjRtG7lCM_KgTcaIKDurg96UeqzGMXY1etScDR0H4udbXCSwrlMQCPJb6Ph-kMQRkX7lN0XPYU-weXdO8lp22JiR6vO2u3RGrvBKvkaJAu9xAzh6NBVZjtUUJiMGLjDJJr3xmzOzfsow22Lo_6MHCYCuaU2zUeXE6U-CeloZJkoYzwj0nTrDvzm9Siv6fRObaSurIlD2AIRhJFruna7ZRLJD12s33_JGM1dfCHsJ1DdtTyEGyLjhu01SjAPknoQ

Requested by

Host: 5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
URL: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 55ms
55ms XHR
application/json 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

1b5ca36b866749551bbb7ef0e8cbabb2ee4e6cc26b66919a6b627526e253d941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11300
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 83ms
83ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 09:01:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7E7 13 KB
5 KB 26ms
26ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 114355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 01:15:34 GMT
expires: Mon, 04 Dec 2023 01:15:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9681 783 B
967 B 413ms
47ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cdf55666b58c9075d6175de7fed645ed7a4bc6f6fbc95be28c40612901bfdf29

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hfn_dep_w2DgS2-BHpYxpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rbc.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Hfn_dep_w2DgS2-BHpYxpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 09:01:29 GMT
expires: Mon, 05 Dec 2022 09:01:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame F7E7 36 KB
16 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 06:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 06:18:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47DA 42 B
64 B 85ms
84ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviQ3CGK7ZnTysQvu0I14iIJtcwwBzM8AmpD57B_r3DfFIAzUEM0q_JUuQHW0te8qW5hr8FPZWSTtHzacU443txjOic&sig=Cg0ArKJSzGWuoDG92pfZEAE&id=lidar2&mcvt=1017&p=533,1150,787,1450&mtos=0,1017,1017,1017,1017&tos=0,1017,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3409417865&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670230888033&rpt=793&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47DA 42 B
64 B 86ms
85ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu63E-RxDLsEgiOpVIkjtSimhq9nXbULX25OxLlqI0KBSx1dFOhYgTbV9JzJycqk_ZRctKXdTCgRBGrJgM0V71fm2QUzOfX0fo&sig=Cg0ArKJSzC7Hlhi7ci4IEAE&id=lidar2&mcvt=1020&p=0,0,250,300&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=623461844&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670230888033&rpt=798&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 09:01:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9681 0
0 59ms
59ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022112901&jk=2106439875581553&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F7E7 0
10 B 30ms
30ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q5eLtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:01:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 i Show response
adrta.com/ Frame 47DA 15 B
172 B 34ms
32ms Script
text/javascript 52.22.40.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=59834093&__aasv=22.111&__aaii=3375880740352272490&__aait=1670230888760&__aasi=5000536471612740928&__aast=1670230888461&__aavi=15182855419829603018&__aavt=1670230888461&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=9&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=3&__aart=11&__aaax=0&__aaay=0&__aasz=300x250&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=1&__aaas=1109&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1670230887576&__aaxf=96.9.249.34%2C%2010.1.1.118&__aas21=2602%3Affc8%3A2%3A104%3A%3A12&__aas23=2602%3Affc8%3A2%3A104%3A%3A12%2C%2010.2.1.236&__aaci=ss&paid=ss&avid=112738&caid=2281467&publisherId=pub-9614021710506914&kv5=1&plid=6471311&segment=&kv4=2602%3Affc8%3A2%3A%3A&kv14=&kv1=300x250&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=638db367bde3a22906730008&kv3=&kv55=1.0,1!google.com,pub-9614021710506914,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&kv2=https%3A%2F%2Fwww.rbc.ua%2F&__aapu=https%3A%2F%2F5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&__aapr=https%3A%2F%2Fwww.rbc.ua&__aatu=https%3A%2F%2Fwww.rbc.ua
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.110
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.40.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-40-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Mon, 05 Dec 2022 09:01:30 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022112901&jk=2106439875581553&bg=!uLulu__NAAbvMpMzzzI7ACkAdvg8Wp1m42BwB3Ue5J2_EMCNcjEmoUaRuLbKG31zQRJV1cSNYK8PjwIAAACDUgAAAAJoAQcKABsYx7M0Pw9URgXglrJS86meX6j8r5xDrA86dr2ZAp5UAq5GVDvRcOXExbVzpwWqBE6vnHhvE3lUWCJG4GaljDLWrsPefmrNHAfqqMmEfd_sluB87odAvU6vgeiFW3bvYDM6NZZ7W9M8Y1N5FK876sW10YjiIuaZGWESIOhlrD6SDSEr0fqPUp3Jmf8CJ37h_wLEHqPMr16rWdh2tJqymGMSwyBzKqUX0UmGTM-7-yfTTnBPfA6Zq_VGjnw-5zHf-ndtoQ44CaHP624sbPYjPsJ6TMuRa9OegQfkm2Y0NYwgtK99I5NjjJ57A-a346W8h0NP4ZQXb1_LYTTf7oZo8ENNasgRRQ_qAKNMEalqGlMvVRVKt99mVhLmyAH0gN8jlJbiJw1D64jH7QT0CwOuCoh5_Ru-kDX3-utpIdEkOqidi8FiWHBnx-HD4VAZ_oQaIytcXzjkwLAS3e4VpIaetFH7senUpDVJHwos5wQW4-x7vUFMEi-sLafZajlB9gJMANPJQCN9LdxjMjk36nn5X_RVnNaThkpVYJqFYiaC6KzfCIgzl9wkd615yUA4QPnKkmtY1Vcvjw6LEx1yZASiDdLzaQaJgpzeMkeZPMWj-5eIVZE8M_wRAaf0ZT2-0w6WTNADbL-UPXEnq3CqnZ4zRzVQVofQ7AQEA-ON10jPbLlRt8XgU2aqv17DRBNVDlOTVkvQgs-oBcLwiDDH30FAruuCh8jC68_lxWMKCayiwBZ5dAr14Uxsqf7HODHZ7I17Rfnr3G5xDfwojbE58Uybx_WkxzuKOjDenHbmiL0FFysGiUEmJ5qhzSvFkbOcH7YOpgARyD99feKD4c9BrVG9eFBN2fZlJbn73DYVVNDLJwD-EhhojoaEWbrBsRQW7fS-Ryn7QvT0pPEjlkHKuGfvDkFej1BCOqpjIydJTXme
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rbc.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rbc.ua/	1970-01-20 17:33:10	Name: _ga Value: GA1.2.1800511182.1670230887
.rbc.ua/	1970-01-20 07:58:37	Name: _gid Value: GA1.2.459025595.1670230887
.rbc.ua/	1970-01-20 07:57:10	Name: _gat Value: 1
.rbc.ua/	1970-01-20 07:57:10	Name: _gat_editionTracker Value: 1
.rbc.ua/	1970-01-20 07:57:10	Name: _gat_withoutiaTracker Value: 1
.rbc.ua/	1970-01-20 17:25:58	Name: __gfp_64b Value: .jFmtXI5wjzhLU9.bNJ.YlcyhDZyvCnBy0Xudsa2pOL.77\|1670230887
.rbc.ua/	1970-01-20 17:18:46	Name: __gads Value: ID=1ae455ae5139b042:T=1670230887:S=ALNI_MZxtMdcSDUYh8WQlcmgZmm8MCsyrA
.rbc.ua/	1970-01-20 17:18:46	Name: __gpi Value: UID=000008c66442fd58:T=1670230887:RT=1670230887:S=ALNI_MZitPOO9pp1-m08Znb1nCdQfy4FYg
.hit.gemius.pl/	1970-01-20 08:07:15	Name: Gtest Value: KlxUGMMGQMGGn2f5UMXw6dMissGMXP8c25nSGV2EGEgRXBG.
.doubleclick.net/	1970-01-20 17:33:10	Name: IDE Value: AHWqTUlpmD7SBHR7JC2afUhxghoYZNCsLyfWBIqEEKS02ot_H4sz0E-nINeWUmNpUXg
.adrta.com/	1970-01-20 17:33:10	Name: __aavi Value: 15182855419829603018
.adrta.com/	1970-01-20 17:33:10	Name: __aavt Value: 1670230888461
.adrta.com/	1969-12-31 23:59:59	Name: __aasi Value: 5000536471612740928
.adrta.com/	1969-12-31 23:59:59	Name: __aast Value: 1670230888461
.sitescout.com/	1970-01-20 08:40:22	Name: _ssuma Value: e30
.sitescout.com/	1970-01-20 16:42:46	Name: ssi Value: 4469e50f-dcd8-4fd7-b582-d2a2e26c28b3#1670230888487
.sitescout.com/	1970-01-20 08:43:15	Name: ssdspallvtc-36d721c6a3073334 Value: 638db367bde3a22906730008
.hit.gemius.pl/	1970-01-20 17:25:58	Name: Gdyn Value: KlxWMMGGQMGGn2f5UMXw6dMissGMXP8c25nSGV2EGEgRFRxSG7RrGS6Gk4GBFlMMYH7hRjBGqSRxSG8.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5dd6512e88889a4821449ddbd79fc122.safeframe.googlesyndication.com
ad.doubleclick.net
adrta.com
adservice.google.com
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ipv6.adrta.com
ls.hit.gemius.pl
mcasproxy.azureedge.net
node-p2e-gmd8xz.sitescout.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.adrta.com
pixel-sync.sitescout.com
q.adrta.com
rbc.ua
rbc.ua.admin-eu2.cas.ms
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.rbc.ua
13.33.60.82
142.250.80.34
142.250.80.70
142.251.40.226
145.239.237.56
207.198.113.93
216.151.214.131
2600:141b:13::17d7:825a
2600:1f14:b4f:4b01:c358:4544:64b7:3a66
2606:4700:20::ac43:46e7
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2004
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2006
52.151.238.5
52.22.219.253
52.22.40.109
54.37.238.28
01e111ab124368adb62bdc7513c5d16627c2d7441691a11507bfb6827b7dd063
026a0554646b85cca7266d6f966f533546ff6d85e5d8dd8544ac782176752a3e
043327c8ed314321b8a9e283ffdfd0b4846a7d598d2899a4bf8bc1c9031ec82a
044364876541ee5170f6951cd5d75de5a7e63e8ec828bf994b6839cbd0d6529b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
09c67308345a1edf95ae09dde21e355213f7476f2d8337961a3cbc6a101cf113
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1b27787017d71ed2a0b92667c109eec42c4fe5722866b86c4185c64111fb0ea7
1b5ca36b866749551bbb7ef0e8cbabb2ee4e6cc26b66919a6b627526e253d941
1ba3c755bbcb6fb49c392d4cd0146e3c02146bc424906b7ce3babaa094b100a2
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
226d09e592cc13f6111339043db2b9e10a33ece7f886abc8ecdc39e95f9ee2d4
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a4683d0b9bed95299c42225a62878cfb0a3672677b3414ffe0c944b0ed585d
33cb30424c1ac6b96a65175dfae2c01a14b278b965f20e2c535f9006ef03c2d8
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
4194bcf5e9c2c08371c78e666e96a28bf577f2ed94d83471f4a4d254fce4ccc1
41a042b38c23c70eb8c87d86129fabd3d3673bf5514d4fb815eb4948179cbae3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4799c42120453d63e0148e9e60c64ae458dc4a7d48911dd060f72b480a3d651e
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
503d4d1488ff5bf5376971cc8b7a389133fabfd7d6376b5824afc35b6b19e6f5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575485018c1bf62495d593ada6ef2edaedc6a32df99832a0e6b7bd709a566122
5cdacbbf0da5e2b03ee20b819fe4b3b40af2f8a4098a104758cd58b0b323f871
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60de375364a31217bed1be32ebbffb054bfcec34b44e153f83da9db44b6daee4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
795922bcd44a336d554785d80c13a29b206b7aff5d0caca903898a35016dd9b6
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
911e0866d5183467fbc02fcc822a82fe09803286174cda8772a578da965dff44
9145bb0930e2dca11df3a7a156360b68b41c0f156720637b276c49db2d750061
983e01efb541530c468e1facfcd20a5eb7d8858f637eb2410788c8144df40986
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1afaaca9d81e03cba1b764611b2bf25fa8a7b8845bf971ccd1099c7fe1cae29
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a48cb9b3a2ce9f869525a77b2cad72f4095758aa3874dec4992c71d50402fb
a725aa195e98effce4431ed91c532c12cf542d41db5da3f6c361beb9e735ac99
a9437edd4224c8c939b07f585089e985322bc678875f9bdd8b6c28f685e5fe16
ab69f842348dcfe5859c97a6cfd4792ab7f806418cdafc4e602c16cc20300c28
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5ea6aa76900136ed243cf3076d034e4753f56b010f20aa5996d089adceab008
c064f32762729dccb54487dedba11d43eb0b339e83a29e1cfd6de71316ace9b5
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
cdf55666b58c9075d6175de7fed645ed7a4bc6f6fbc95be28c40612901bfdf29
cea77bc6a84d2aacdca75f1b41871a46f14d4370fe5dc4d2471f5e086d647184
d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e
d5951a2ded41941bf6c00b9866ce72f6d5301b48c4aa9938d6be734f7044b9b9
dd8d8fcb8fdd7530c2acc2b20f076bcdac034f996a6b269cfb4246a27fe7b974
de7ae0a25ce3789000a6f07064d19df47c56d9f1116fbb761945f487c0f5d7b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd803dd95fe5ee8958f809a3bd868cf8f4d30057ec5ff6fdfae78d71530d284
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f020c1ba7ee0dce0c0b9679339e958e106734fc49aa2e856c8243b821ce83600
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5fa943d73e8fd1f72fdd0eacfbe281ce0dd2ff321b4cb2d02e2ee9f180a76d9
f63e304ec909a252c22d5bb42f34d957b49b1b01a3f9d0a39433f0a409999572
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.rbc.ua Open in urlscan Pro 2606:4700:20::ac43:46e7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

97 %HTTPS

59 %IPv6

15 Domains

29 Subdomains

27 IPs

3 Countries

993 kBTransfer

2349 kBSize

18 Cookies

35 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rbc.ua Open in urlscan Pro
2606:4700:20::ac43:46e7 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

97 %
HTTPS

59 %
IPv6

15
Domains

29
Subdomains

27
IPs

3
Countries

993 kB
Transfer

2349 kB
Size

18
Cookies

88 HTTP transactions
5 data transactions