urlscan.io logo urlscan.io
SecurityTrails logo

www.finanz.ru Open in urlscan Pro
13.93.6.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://admtax.ru/
Effective URL: https://www.finanz.ru/
Submission: On February 19 via manual from HR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 9 countries across 57 domains to perform 417 HTTP transactions. The main IP is 13.93.6.214, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.finanz.ru. The Cisco Umbrella rank of the primary domain is 817582.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 6th 2021. Valid for: a year.
This is the only time www.finanz.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:f940:2:2... 197695 (AS-REG)
1 1 91.90.193.30 204957 (GREENFLOI...)
2 13.93.6.214 8075 (MICROSOFT...)
20 2.16.186.242 20940 (AKAMAI-ASN1)
1 3.129.250.65 16509 (AMAZON-02)
3 163.171.132.119 54994 (QUANTILNE...)
2 7 2a02:6b8:20::215 208722 (YNDX)
2 2a02:6b8:a::a 208722 (YNDX)
35 2a00:1450:400... 15169 (GOOGLE)
4 51.105.96.162 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 142.250.184.226 15169 (GOOGLE)
4 9 37.252.173.62 29990 (ASN-APPNEX)
1 184.31.84.150 16625 (AKAMAI-AS)
1 4 2001:6d0:4001... 52016 (TNSMSK-)
1 3 2a02:6b8::90 208722 (YNDX)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
11 104.19.216.61 13335 (CLOUDFLAR...)
12 87.240.190.67 47541 (VKONTAKTE...)
2 2a00:1450:400... 15169 (GOOGLE)
5 35.201.89.161 15169 (GOOGLE)
16 151.139.128.11 20446 (HIGHWINDS3)
1 1 66.155.71.149 13768 (COGECO-PEER1)
2 52.58.61.12 16509 (AMAZON-02)
4 2.18.234.233 16625 (AKAMAI-AS)
3 3 35.211.178.172 19527 (GOOGLE-2)
1 1 3.120.167.174 16509 (AMAZON-02)
1 99.83.189.147 16509 (AMAZON-02)
19 146.20.132.155 27357 (RACKSPACE)
8 8 23.88.75.189 24940 (HETZNER-AS)
40 146.20.132.188 27357 (RACKSPACE)
8 8 2001:678:cb4:... 56396 (AMOBEE)
8 8 52.200.181.105 14618 (AMAZON-AES)
6 15 95.142.206.0 47541 (VKONTAKTE...)
1 87.240.185.141 47541 (VKONTAKTE...)
1 95.142.206.3 60476 (MYCOM-AS)
1 95.142.206.1 47541 (VKONTAKTE...)
1 95.142.206.2 47541 (VKONTAKTE...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 29 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
34 146.20.128.61 27357 (RACKSPACE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 217.69.133.145 47764 (MAILRU-AS...)
4 2a00:1450:400... 15169 (GOOGLE)
10 14 172.217.16.130 15169 (GOOGLE)
4 13 2.18.234.21 16625 (AKAMAI-AS)
5 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
2 3 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
14 2a00:1450:400... 15169 (GOOGLE)
8 142.250.186.98 15169 (GOOGLE)
15 3.70.16.12 16509 (AMAZON-02)
1 2a03:5f80:a::... 50952 (DATAIX-AS...)
1 34.89.138.129 396982 (GOOGLE-PR...)
2 13 89.108.119.43 197695 (AS-REG)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.108 54113 (FASTLY)
1 54.237.114.40 14618 (AMAZON-AES)
1 52.223.40.198 16509 (AMAZON-02)
1 2 209.54.177.54 16509 (AMAZON-02)
1 37.252.173.27 29990 (ASN-APPNEX)
1 1 185.183.112.155 60350 (VP)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 54.154.165.196 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 193.232.150.70 48061 (UMA-TECH-AS)
1 1 88.212.201.216 39134 (UNITEDNET)
2 2 52.30.140.199 16509 (AMAZON-02)
3 3 31.172.81.172 44066 (DE-FIRSTC...)
2 2 31.172.81.159 44066 (DE-FIRSTC...)
1 1 138.201.139.144 24940 (HETZNER-AS)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
2 2 35.190.16.14 15169 (GOOGLE)
1 81.222.128.216 20597 (ELTEL-AS)
417 69
1    2a00:f940:2:2:1:1:0:159 (Russian Federation)

ASN197695 (AS-REG, RU)
admtax.ru
1    91.90.193.30 (Geneva, Switzerland)

ASN204957 (GREENFLOID-AS, BG)
PTR: batya64916.vds
trx.lm-invest24.site
2    13.93.6.214 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.finanz.ru
20    2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com
script.finanz.ru
styles.finanz.ru
images.finanzen.net
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)
cdn.viewst.com
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
2    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
35    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    51.105.96.162 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pproxy.finanz.ru
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
9    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
15    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
11    104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.lentainform.com
c.lentainform.com
cdn.lentainform.com
servicer.lentainform.com
s-img.lentainform.com
cm.lentainform.com
autocounter.lentainform.com
12    87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com
vk.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
5    35.201.89.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.89.201.35.bc.googleusercontent.com
mdsngpush.finanzen.net
16    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.58.61.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
a.vidoomy.com
4    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    3.120.167.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-167-174.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    99.83.189.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae6a0aaac8071ff4b.awsglobalaccelerator.com
stg.vidoomy.com
19    146.20.132.155 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
8    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
40    146.20.132.188 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
8    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
8    52.200.181.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com
sync.srv.stackadapt.com
15    95.142.206.0 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv0-206.vkontakte.ru
st6-20.vk.com
sun6-20.userapi.com
1    87.240.185.141 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv141-185-240-87.vk.com
sun9-14.userapi.com
1    95.142.206.3 (Russian Federation)

ASN60476 (MYCOM-AS, NL)
PTR: srv3-206.vkontakte.ru
sun6-23.userapi.com
1    95.142.206.1 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv1-206.vkontakte.ru
sun6-21.userapi.com
1    95.142.206.2 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv2-206.vkontakte.ru
sun6-22.userapi.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
29    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
34    146.20.128.61 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
3    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
4    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
13    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
vidoomy-d.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
3    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
14    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
15    3.70.16.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    2a03:5f80:a::b212:e78b (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
code.createjs.com
1    34.89.138.129 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 129.138.89.34.bc.googleusercontent.com
admin.viewst.com
13    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    54.237.114.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-114-40.compute-1.amazonaws.com
vast.emxdgt.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    54.154.165.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-165-196.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a05:d018:d29:3602:c696:f562:c9de:84f6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    193.232.150.70 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp14.sender.ltmse.com
px.adhigh.net
1    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru
counter.yadro.ru
2    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
3    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    138.201.139.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de
cm.p.altergeo.ru
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru
ssp.adriver.ru
Apex Domain
Subdomains		 Transfer
109 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 15712
v.lkqd.net — Cisco Umbrella Rank: 4491
cs.lkqd.net — Cisco Umbrella Rank: 2677
t.lkqd.net — Cisco Umbrella Rank: 9573
497 KB
69 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
512 KB
40 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
363 KB
25 vk.com
vk.com — Cisco Umbrella Rank: 5435
st6-20.vk.com — Cisco Umbrella Rank: 143501
1 MB
18 finanz.ru
www.finanz.ru — Cisco Umbrella Rank: 817582
script.finanz.ru
styles.finanz.ru
pproxy.finanz.ru
576 KB
15 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1058
8 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
1 MB
13 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13663
33 KB
13 finanzen.net
images.finanzen.net — Cisco Umbrella Rank: 37227
mdsngpush.finanzen.net — Cisco Umbrella Rank: 111704
68 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 427
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
12 KB
11 gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
fonts.gstatic.com
139 KB
11 lentainform.com
jsc.lentainform.com — Cisco Umbrella Rank: 45952
c.lentainform.com — Cisco Umbrella Rank: 43121
cdn.lentainform.com — Cisco Umbrella Rank: 57193
servicer.lentainform.com — Cisco Umbrella Rank: 46555
s-img.lentainform.com — Cisco Umbrella Rank: 43941
cm.lentainform.com — Cisco Umbrella Rank: 15205
autocounter.lentainform.com — Cisco Umbrella Rank: 52408
221 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 547
secure.adnxs.com — Cisco Umbrella Rank: 350
25 KB
8 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
2 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
3 KB
8 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 911
2 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6444
168 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
228 KB
6 userapi.com
sun6-20.userapi.com — Cisco Umbrella Rank: 38171
sun9-14.userapi.com — Cisco Umbrella Rank: 53906
sun6-23.userapi.com — Cisco Umbrella Rank: 37743
sun6-21.userapi.com — Cisco Umbrella Rank: 39265
sun6-22.userapi.com — Cisco Umbrella Rank: 38114
14 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 322
vidoomy-d.openx.net — Cisco Umbrella Rank: 32782
705 B
5 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1378
an.yandex.ru — Cisco Umbrella Rank: 2553
153 KB
4 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10398
ad.mail.ru — Cisco Umbrella Rank: 8847
13 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 614
5 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
ssl.google-analytics.com — Cisco Umbrella Rank: 236
37 KB
4 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 10674
2 KB
4 viewst.com
cdn.viewst.com — Cisco Umbrella Rank: 658977
admin.viewst.com — Cisco Umbrella Rank: 736892
370 KB
4 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 20680
a.vidoomy.com — Cisco Umbrella Rank: 9883
stg.vidoomy.com — Cisco Umbrella Rank: 22503
6 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 2847
2 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
2 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 8499
490 B
2 adsniper.ru
sync3.adsniper.ru — Cisco Umbrella Rank: 12180
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
831 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11262
853 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 618
2 KB
2 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 835
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 792
344 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
914 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 12204
201 B
1 altergeo.ru
cm.p.altergeo.ru — Cisco Umbrella Rank: 49374
549 B
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8633
287 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1613
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1254
307 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
265 B
1 emxdgt.com
vast.emxdgt.com — Cisco Umbrella Rank: 15752
329 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1135
63 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 4831
322 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
263 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
414 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
46 KB
1 lm-invest24.site
trx.lm-invest24.site
801 B
1 admtax.ru
admtax.ru
332 B
417 57
Domain Requested by
40 cs.lkqd.net ad.lkqd.net
35 pagead2.googlesyndication.com www.finanz.ru
pagead2.googlesyndication.com
www.gstatic.com
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
34 t.lkqd.net ad.lkqd.net
29 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.finanz.ru
pagead2.googlesyndication.com
19 v.lkqd.net ad.lkqd.net
16 ad.lkqd.net admtax.ru
ad.lkqd.net
15 ads.adaptv.advertising.com ad.lkqd.net
14 s0.2mdn.net admtax.ru
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
14 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
admtax.ru
13 x01.aidata.io 2 redirects www.finanz.ru
x01.aidata.io
13 st6-20.vk.com 6 redirects vk.com
st6-20.vk.com
12 vk.com www.finanz.ru
script.finanz.ru
vk.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 ib.adnxs.com 4 redirects script.finanz.ru
googleads.g.doubleclick.net
acdn.adnxs.com
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
admtax.ru
8 sync.srv.stackadapt.com 8 redirects
8 ad.turn.com 8 redirects
8 csync.loopme.me 8 redirects
8 images.finanzen.net www.finanz.ru
7 yastatic.net 2 redirects yastatic.net
6 www.googletagservices.com googleads.g.doubleclick.net
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
6 styles.finanz.ru www.finanz.ru
styles.finanz.ru
6 script.finanz.ru www.finanz.ru
5 www.gstatic.com googleads.g.doubleclick.net
5 mdsngpush.finanzen.net script.finanz.ru
5 dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google.com dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 ads.stickyadstv.com www.finanz.ru
ad.lkqd.net
4 www.tns-counter.ru 1 redirects www.finanz.ru
4 securepubads.g.doubleclick.net script.finanz.ru
securepubads.g.doubleclick.net
4 pproxy.finanz.ru www.finanz.ru
3 vidoomy-d.openx.net ad.lkqd.net
3 sync.bumlam.com 3 redirects
3 s-img.lentainform.com www.finanz.ru
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 top-fwz1.mail.ru vk.com
top-fwz1.mail.ru
3 x.bidswitch.net 3 redirects
3 an.yandex.ru 1 redirects yastatic.net
3 cdn.viewst.com www.finanz.ru
cdn.viewst.com
2 redirect.frontend.weborama.fr 2 redirects
2 sync3.adsniper.ru 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 px.adhigh.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 js-sec.indexww.com script.finanz.ru
ssum-sec.casalemedia.com
2 fonts.gstatic.com fonts.googleapis.com
2 cm.lentainform.com jsc.lentainform.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 sun6-20.userapi.com vk.com
2 a.vidoomy.com admtax.ru
www.finanz.ru
2 ssl.google-analytics.com www.finanz.ru
2 jsc.lentainform.com www.finanz.ru
jsc.lentainform.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 yandex.ru www.finanz.ru
2 www.finanz.ru admtax.ru
script.finanz.ru
1 ssp.adriver.ru
1 ad.mail.ru
1 cm.p.altergeo.ru 1 redirects
1 counter.yadro.ru 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 match.adsrvr.org ssum-sec.casalemedia.com
1 vast.emxdgt.com ad.lkqd.net
1 ssum-sec.casalemedia.com js-sec.indexww.com
1 acdn.adnxs.com script.finanz.ru
1 admin.viewst.com cdn.viewst.com
1 autocounter.lentainform.com www.finanz.ru
1 code.createjs.com s0.2mdn.net
1 servicer.lentainform.com jsc.lentainform.com
1 cdn.lentainform.com www.finanz.ru
1 c.lentainform.com jsc.lentainform.com
1 ads.yahoo.com googleads.g.doubleclick.net
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
1 sun6-22.userapi.com vk.com
1 sun6-21.userapi.com vk.com
1 sun6-23.userapi.com vk.com
1 sun9-14.userapi.com vk.com
1 stg.vidoomy.com www.finanz.ru
1 sonata-notifications.taptapnetworks.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 htlb.casalemedia.com script.finanz.ru
1 cdn.jsdelivr.net script.finanz.ru
1 www.googletagmanager.com www.finanz.ru
1 ads.vidoomy.com www.finanz.ru
1 trx.lm-invest24.site 1 redirects
1 admtax.ru
417 97

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.lentainform.com
vk.com
twitter.com
www.liveinternet.ru
Subject Issuer Validity Valid
*.finanz.ru
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-06 -
2022-10-06		 a year crt.sh
www.finanzen.net
DigiCert SHA2 Secure Server CA		 2021-11-28 -
2022-11-29		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.viewst.com
AlphaSSL CA - SHA256 - G2		 2020-04-06 -
2022-06-04		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.yastatic.net
Yandex CA		 2022-01-22 -
2022-07-23		 6 months crt.sh
bs.yandex.ru
Yandex CA		 2021-11-17 -
2022-05-18		 6 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.finanzen.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-13 -
2023-01-13		 a year crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2021-12-10 -
2022-12-31		 a year crt.sh
ad.lkqd.net
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.vk-cdn.net
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-07 -
2022-03-30		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2022-02-15 -
2023-02-15		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh

This page contains 56 frames:

Primary Page: https://www.finanz.ru/
Frame ID: 9BDA000BD4575532C250F295AD05F1CF
Requests: 114 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: EA36696681B098B8BB217F78597F7168
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Frame ID: 5C228E584C17AE33C29C7E910EAF8B3E
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Frame ID: E7ACCF485EB81A48619932BC3A902838
Requests: 14 HTTP requests in this frame

Frame: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 71AE55B77E2366B41666B51E4CE61834
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: C560C8458F3DEA060EAEF0028B92EF53
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 6532083F65D5BC03E1572C063DCEC6FF
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 2A3EBF1BA1A4541FA3B049A32009BF67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&adk=1812271804&adf=3025194257&lmt=1645291770&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.finanz.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770767&bpp=1&bdt=804&idt=1&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da54937548e2a20c0-22c4a7dd45cd00b7%3AT%3D1645291770%3ART%3D1645291770%3AS%3DALNI_MZ_7Wd0tzFXOqeP3sauDileZBc0qg&prev_fmts=540x180%2C540x180&nras=1&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&dtd=40
Frame ID: CA2CDE528106DF42D22D27B80D733F8C
Requests: 1 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Frame ID: 353026CDBA51E178171F91704D75EBE1
Requests: 28 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A81C916B75EEF03453F42502E25B59E0
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7D7873D3A801795023EFA4AEC9E17D33
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 660EB1B6E8BD73745B5DC49906B9CD00
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B56DDDF56F3E558FECABC2330D3E866F
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: EC354CAF07AF0FF5EF24421CB4265772
Requests: 1 HTTP requests in this frame

Frame: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4DA516251F4AF14B59C603C43EEB1FEE
Requests: 15 HTTP requests in this frame

Frame: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4574631689FC47A2F129BD513CE12D65
Requests: 14 HTTP requests in this frame

Frame: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B46CE72C46B493624CE1ED5046674E2B
Requests: 15 HTTP requests in this frame

Frame: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 463B50C65D4C37368F3646F7BD2977F5
Requests: 15 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B380F521B982E05C15A671201AB6F166
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNWYErAKr6ggWSU29lSbLavjYX-mQI8L4PmUsLBhJIyx96RWvrUN2nnTLYxfy6PsbKX_BxsmcfVnNzvr0hkCku1ZNyoS7jlrZS2pGkyLc4SxTMdQXReBGNAwJjm727Wf8VL4bgosIw0MmbEsHWt9f59EtN2iw-y76QPT_7k6roKifgjYFPU
Frame ID: F31C5CABAF2D6A9CC6D10C1A72DE09FA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNX1DBCBYOYOAXNZkZUEOedGmFqvLOfISBZo4HZRtAluc1uzYQLW8Xk_gSRl5L50P96McP1wgDmTFgsp42S7iUSEEiIZEWNnwsSuDf9l-2FiZKb1GF5V7UfQyBKq4KAvs5a0hRecT2jGP_0AE5LIDKxtcfe8GkwxmnR3I_3tnSU_nYj9ozc
Frame ID: 2A5705EE7B683E81A7C94242E8C31FA9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNXXiPNYPu5gCaouTz93RUltfy52vAbLHpIVOrw98mI69gobIFyGbL-gTCRWTdmxPf68EMdzwPYi9vXcwkyNCV9jwKR2qMTMOU6UfZx4N6CwK_FYkt8Gg2h0sZybjvNdwHHt06F9kv6yw0bJj60hsISJxB0Kn5czWDlv-jIrNtVdaDS1b3I
Frame ID: 72DADF665201AEE5DBDFDDDC9DCFE004
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGJDp854BMAE&v=APEucNW933Si4FVusnfa3iIgiEgI1YpH_6IMumqjEMKLScukF5QBepEc6GWRqsqndPEEp-b4nOcgk3K1tYbsnzsaKxx1ZPamWi105mydBD6Gon4_Y4o608GsBDH4BChzuXen6mIb1HX9sYRyo7tegb0jJrOpfsWNiFoi-AhsLGbke-Rj7rsz_3E
Frame ID: 8418FC97F9EB615905AD529C13655194
Requests: 4 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E477DE791F142BD64B3381F90B932B16
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BCE8A038E9A19844182F0C45DCCF1641
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2D20E03C4C2A4F70717D080F739CE12C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E644E1C7DA0058EE1E699A35FFE1670F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BAD6188FE25DF985B8C4A1D556BC063D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Frame ID: 59A5A3BAD1C1F0010B02FD8C04DCE695
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12495765431302633189/300x600%20deDE.html
Frame ID: 8FED89D202A7939C7ED0436CE4DAE5E1
Requests: 4 HTTP requests in this frame

Frame: https://cm.lentainform.com/i-noref.js?cbuster=1645291772335909711028
Frame ID: 0BA81DD6676E1D892E68A8E61CB0F14D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.viewst.com/cookie_iframe/cookie-iframe.html
Frame ID: 1ECA21B01540056823B433490DA51061
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 141D923EB11241578C7F451DAD71243E
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D8480C4A017CB94B5614E3E21B47087B
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Frame ID: CDE83A4AB38D341DD7B2569F4F203B6B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Frame ID: 57BA80E7CBE42BF73387261C2A6AD180
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8B0842D6F0C2503F0A59655E9C083EAD
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 848CF87499DF947559F025DF79D5ADAC
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F4D8611688C9B4E14C39F9658FA2D743
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 850D6687CF1C16FCEDB5536DBD4078D8
Requests: 10 HTTP requests in this frame

Frame: https://x01.aidata.io/stats?pixel=PROBTN&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)&url=https%3A%2F%2Fwww.finanz.ru%2F&is_js_referrer=1&origin_referrer=http%3A%2F%2Fadmtax.ru%2F&pid=PROBTN&js=1&sid=91e95ddc758b4353a7ff596c3972adc9&__upin=b3+/hydCPhbmMJ6JdJlDJw&id=1645291772499-973428146&url=https%3A%2F%2Fwww.finanz.ru%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22http%3A//admtax.ru/%22%7D%7D
Frame ID: C1D416458101D350327044E6F36B7F2D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D24197632C759038E585D0FE9BA37A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C7961C305BCDFF4AD8F87FDA3AE51FF
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: E3D0B05390924F46AFF29B0B6A7C0786
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 18F3F67160D04E61D6DE30DB740EAC35
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1139670E59A3D5BE9542E363790471B6
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: D61E4E0190C3A4E6C14CD6FA2A850F4B
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: BFDB0F53497949440F4E16F1390F6EE1
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: EE21F5D954AC2E22A992ECB9D3424782
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: C46ABA767485F56F326C038BAABF7034
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 81C988D8637FE0AD213E48AAA55A0D55
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6AC8FAEBACCB25323F22F934CA5112C5
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1FFC62B604E709F3925C4DE82FEE2A1F
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 4392DA60C3092A5A0707E17C416E54F7
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: D6DDA844C4F0D536A90C8D3C6EB0B86A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Финансовые новости: статьи, оценки, аналитика мирового финансового рынка, котировки валют и котировки акций в реальном времени на finanz.ru

Page URL History Show full URLs

  1. http://admtax.ru/ Page URL
  2. https://trx.lm-invest24.site/GcLV81M2?aff_id=65 HTTP 302
    https://www.finanz.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

417
Requests

84 %
HTTPS

36 %
IPv6

57
Domains

97
Subdomains

69
IPs

9
Countries

6076 kB
Transfer

15036 kB
Size

66
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://admtax.ru/ Page URL
  2. https://trx.lm-invest24.site/GcLV81M2?aff_id=65 HTTP 302
    https://www.finanz.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 31
  • https://www.tns-counter.ru/V13a****forbes_ru/ru/UTF-8/tmsec=finanz_total/?d=80329.29452572843 HTTP 302
  • https://www.tns-counter.ru/V13b****forbes_ru/ru/UTF-8/tmsec=finanz_total/?d=80329.29452572843
Request Chain 36
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 61
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 63
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=733700588.24741691884080266.3092666 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=733700588.24741691884080266.3092666 HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_cc695c18-5fa3-4a5f-b65a-ec3c1ea1626f&bsw_param=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d&expires=10 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d
Request Chain 84
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c3d2d7f1-76fe-48a0-a87f-a9dfe42083f9
Request Chain 87
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2348540956014117316
Request Chain 88
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Request Chain 89
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1fc8c0a9-d6d6-4234-8e9a-94380c21bbff
Request Chain 92
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Request Chain 93
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VgpA-_4PRit7_62I-nDk-7nVm6U
Request Chain 101
  • https://st6-20.vk.com/dist/common.0651bbbc366ae581ec5b.js?285c6974c356935be9af70d HTTP 302
  • https://vk.com/dist/common.0651bbbc366ae581ec5b.js?285c6974c356935be9af70d
Request Chain 102
  • https://st6-20.vk.com/dist/web/ui_common.1b747ad51a6188b59d2b.js?dc8cb481b7e01b38af24e9f4dc7f84e8 HTTP 302
  • https://vk.com/dist/web/ui_common.1b747ad51a6188b59d2b.js?dc8cb481b7e01b38af24e9f4dc7f84e8
Request Chain 103
  • https://st6-20.vk.com/dist/audioplayer.9cf1a83f2a0d2f09fe5a.js?285804d60da4627f12ad5e2 HTTP 302
  • https://vk.com/dist/audioplayer.9cf1a83f2a0d2f09fe5a.js?285804d60da4627f12ad5e2
Request Chain 104
  • https://st6-20.vk.com/dist/web/audioplayer.aca3c2e8da55378883b3.js?06687162a6496db68906103913b2695e HTTP 302
  • https://vk.com/dist/web/audioplayer.aca3c2e8da55378883b3.js?06687162a6496db68906103913b2695e
Request Chain 106
  • https://st6-20.vk.com/dist/web/likes.c8308e6d45e0e7b7c94c.js?3126ac61aa3e4002fd77f99ade9a6618 HTTP 302
  • https://vk.com/dist/web/likes.c8308e6d45e0e7b7c94c.js?3126ac61aa3e4002fd77f99ade9a6618
Request Chain 107
  • https://st6-20.vk.com/dist/api/widgets/community.js?1 HTTP 302
  • https://vk.com/dist/api/widgets/community.js?1
Request Chain 145
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U HTTP 301
  • https://tpc.googlesyndication.com/simgad/7103612115487317334
Request Chain 160
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2c7a522-8dc9-4f57-9cc3-ae824842d16e
Request Chain 163
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Request Chain 164
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
Request Chain 194
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhEo.ymEOrOohAr7EYs3TQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
Request Chain 196
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4OTE3NTUwMDE5MjU3NzAxNQ%3D%3D
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
Request Chain 198
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhEo.ymEOrOohAr7EYs3TQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
Request Chain 200
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjY4MTY2NjU4Mjc3MzQ0Ng%3D%3D
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfHtztHWFoPsOYw2vkenec&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA7BtmjIZyf_V_UhYh1eaSg&google_cver=1
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAsvuOXLAlrKpBUrIUk6gJ0&google_cver=1
Request Chain 206
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=7f9cc4f6-91a9-11ec-b3b6-186cd56e0306 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2Y5Y2M0YWMtOTFhOS0xMWVjLWIzYjYtMTg2Y2Q1NmUwMzA2
Request Chain 275
  • https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT) HTTP 302
  • https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)&pid=PROBTN&js=1&show_js_referer=1&bounce=1
Request Chain 300
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=93c3b088-e6b8-404b-af7e-f952a426df64
Request Chain 303
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Request Chain 304
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Request Chain 317
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB&dcc=t
Request Chain 319
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 321
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE75E7EIlIAAAQ9W6hGrw&expiration=1646501373&gdpr=1
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm HTTP 302
  • https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEEsj-uLcUElXSm8yIXnLkKs&google_cver=1
Request Chain 327
  • https://px.adhigh.net/p/cm/aidata?u=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC HTTP 302
  • https://px.adhigh.net/p/cm/aidata?u=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC&bounced=1 HTTP 302
  • https://x01.aidata.io/0.gif?pid=GETINTENT&id=usS079tafQKH.AikABlF_EwggKQ&back=SYNC
Request Chain 328
  • https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC HTTP 302
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC
Request Chain 329
  • https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC HTTP 302
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=b3+/hydCPhbmMJ6JdJlDJw&back=SYNC
Request Chain 330
  • https://sync.bumlam.com/?src=aid3&uid=b3%2B%2FhydCPhbmMJ6JdJlDJw&s3_subid1=SYNC HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj90cSQBlIF-YW-5QRiFmIzKy9oeWRDUGhibU1KNkpkSmxESneqBgRTWU5D HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj90cSQBlIF-YW-5QRiFmIzKy9oeWRDUGhibU1KNkpkSmxESneiARCA2S46kakR7KbpACWQyCQ3qgYEU1lOQw** HTTP 302
  • https://sync.bumlam.com/?src=aid3&s_data=CAIQABj90cSQBmIWYjMrL2h5ZENQaGJtTUo2SmRKbERKd6IBEIDZLjqRqRHspukAJZDIJDeqBgRTWU5D HTTP 302
  • https://sync.bumlam.com/?src=aid3&s_data=CAIQARj90cSQBmIWYjMrL2h5ZENQaGJtTUo2SmRKbERKd6IBEIDZLjqRqRHspukAJZDIJDeqBgRTWU5D HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=80d92e3a-91a9-11ec-a6e9-002590c82437&back=SYNC
Request Chain 331
  • https://cm.p.altergeo.ru/aidata?aid=b3%2B%2FhydCPhbmMJ6JdJlDJw&nc=5721&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3DSYNC HTTP 302
  • https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMS7zpWcEKSmeygNmE2wtGqA==&rnd=83f87ce4&back=SYNC
Request Chain 332
  • https://an.yandex.ru/mapuid/dmpaidatame/b3%2B%2FhydCPhbmMJ6JdJlDJw?sign=1863410381&location=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC HTTP 302
  • https://x01.aidata.io/0.gif?pid=SYNC
Request Chain 335
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D2719420%26id%3D%7BWEBO_CID%7D HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D2719420%26id%3D%7BWEBO_CID%7D&bounce=1&random=374262206 HTTP 302
  • https://x01.aidata.io/0.gif?pid=2719420&id=mRC6LJjbibYCR2TjP74VZ. HTTP 302
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=20316&external_id=b3%2B%2FhydCPhbmMJ6JdJlDJw
Request Chain 359
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5f5dd4f7-b146-45ba-8fa8-ae0608fc4199
Request Chain 362
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Request Chain 363
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Request Chain 377
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6787ef86-0505-435a-a717-b1ad879b96a8
Request Chain 380
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Request Chain 381
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Request Chain 396
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40869b30-8c8c-441e-a57e-a4c83e98beda
Request Chain 399
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Request Chain 400
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Request Chain 415
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c935eba8-bf5b-4879-b883-31d3f67664b6
Request Chain 418
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Request Chain 419
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U

417 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
admtax.ru/ 		102 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
http://admtax.ru/
Protocol
HTTP/1.1
Server
2a00:f940:2:2:1:1:0:159 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Sat, 19 Feb 2022 17:29:29 GMT
Content-Type
text/html
Content-Length
102
Last-Modified
Thu, 17 Feb 2022 23:32:34 GMT
Connection
keep-alive
ETag
"620edb12-66"
Accept-Ranges
bytes
Primary Request /
www.finanz.ru/
Redirect Chain
  • https://trx.lm-invest24.site/GcLV81M2?aff_id=65
  • https://www.finanz.ru/
141 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.finanz.ru/
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.93.6.214 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
210f052e4e1a4cee8180ccf1c3a6d4b2e8b3789daa3eeab45bcd1476ab9df93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://admtax.ru/

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
x-content-type-options
nosniff
feature-policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
date
Sat, 19 Feb 2022 17:29:29 GMT
content-length
40951

Redirect headers

Server
nginx
Date
Sat, 19 Feb 2022 17:29:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Sat, 19 Feb 2022 17:29:29 GMT
Location
https://www.finanz.ru/
Pragma
no-cache
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
RUS_Home.release.js
script.finanz.ru/Content/Scripts/ClickPerformance/ 		238 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.finanz.ru/Content/Scripts/ClickPerformance/RUS_Home.release.js?v=025391ce
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
835cccf26642c7ab3c0580c54fce3119aafa567203d1b6065221b7b7f3cb9928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 18 Aug 2021 15:47:49 GMT
ETag
"d8d0a6654894d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=238829
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
71987
Date
Sat, 19 Feb 2022 17:29:30 GMT
basic.min.js
script.finanz.ru/Content/Scripts/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.finanz.ru/Content/Scripts/basic.min.js?v=025391ce
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ed568fb0c63c892fbb0d1b12c85d23b893cf45c24700e6c8d4114161f844178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Tue, 15 Feb 2022 11:01:16 GMT
ETag
"8811635a5b22d81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=238817
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
89335
Date
Sat, 19 Feb 2022 17:29:30 GMT
finanzru_11866.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/finanzru_11866.js
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
6b6809969903ad388e834d310edd45c15057cec3da1fd76858dcbd5ec37ec48c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:30 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4879
styles.min.css
styles.finanz.ru/cache/css/ 		233 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1f7b19ecf8aa16bc822d7d863838c614f9c8ead9446969f757ddd0a6d357dd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
same-origin
Date
Sat, 19 Feb 2022 17:29:30 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
private, max-age=238798
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
Content-Disposition
attachment; filename=styles.min.css
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
38188
X-Content-Type-Options
nosniff
showinparent_concat.js
cdn.viewst.com/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viewst.com/showinparent_concat.js
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
3b2451a09cb1749e2f119729356a252db89fe2960af805afdc90c6091abe2a26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:30 GMT
Last-Modified
Saturday, 19-Feb-2022 17:29:30 GMT
Server
nginx/1.19.6
X-Ws-Request-Id
621128fa_PSdgflkfFRA2po75_61004-49126
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Server
common
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7314
X-Via
1.1 PSdgflkfFRA2sg74:11 (Cdn Cache Server V2.0)
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
277 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c8fef3101aeec270fdce6e4dd92c677c38746ad1642c5ef312460d5d705d2c28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1645291770164654-4701840030056417477-man1-3974-man-l7-balancer-8080-BAL-5490
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 19 Feb 2022 18:29:30 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:30 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/context.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e62eccd2953d760cfafdffb51bc0ecc851389fec24ec8c97c0ca4a730715442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53535
x-xss-protection
0
server
cafe
etag
16522138554801783786
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 19 Feb 2022 17:29:30 GMT
chart.aspx
pproxy.finanz.ru/cst/FinansnetRU/Share/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pproxy.finanz.ru/cst/FinansnetRU/Share/chart.aspx?instruments=1,839420,148,860&style=instrument_mini_triple_precision&period=IntradayAvailability&timezone=Russian%20Standard%20Time&height=90&width=149
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.96.162 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1658a184caa35443e438f5a0cdc70888a83bcf72c98dcda9941435a9a70ce58d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Feb 2022 17:29:29 GMT
cache-control
private
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1291
content-type
image/png
chart.aspx
pproxy.finanz.ru/cst/FinansnetRU/Share/ 		885 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pproxy.finanz.ru/cst/FinansnetRU/Share/chart.aspx?instruments=1,946869,148,860&style=instrument_mini_triple_precision&period=IntradayAvailability&timezone=Russian%20Standard%20Time&height=90&width=149
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.96.162 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c5e2d555e6c12ec4eef9fca06731e2b19a807b82b8895dc8e6c2347bae04cd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Feb 2022 17:29:29 GMT
cache-control
private
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
885
content-type
image/png
chart.aspx
pproxy.finanz.ru/cst/FinansnetRU/Share/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pproxy.finanz.ru/cst/FinansnetRU/Share/chart.aspx?instruments=300012,675,149,333&style=instrument_mini_triple_precision&period=IntradayAvailability&timezone=Russian%20Standard%20Time&height=90&width=149
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.96.162 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2d90af048823b96421e2acdc2ccf0ee74632fa37527d91a49c0020c6a9122c16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Feb 2022 17:29:29 GMT
cache-control
private
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1484
content-type
image/png
chart.aspx
pproxy.finanz.ru/cst/FinansnetRU/Share/ 		815 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pproxy.finanz.ru/cst/FinansnetRU/Share/chart.aspx?instruments=1,968984,149,814&style=instrument_mini_triple_precision&period=IntradayAvailability&timezone=Russian%20Standard%20Time&height=90&width=149
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.96.162 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16a5662a0871872aa0857c9daa3dd36b3d05727eb207e0f09cad5f143ed31b1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Feb 2022 17:29:29 GMT
cache-control
private
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
815
content-type
image/png
rqqqq-08.jpg
images.finanzen.net/mediacenter/unsortiert/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/unsortiert/rqqqq-08.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8b042290d0a85cac96c5291284ba62d77b497674ee8f0584fbfe3337ae867a38
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Thu, 16 Dec 2021 08:24:12 GMT
server
Akamai Image Manager
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=2991318
content-length
4978
expires
Sat, 26 Mar 2022 08:24:48 GMT
tre5435.jpg
images.finanzen.net/mediacenter/unsortiert/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/unsortiert/tre5435.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
182f9453e59f6310a801cc6d64e80355edcbafb61c2aa211a80987d892f38cce
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Wed, 10 Nov 2021 23:47:07 GMT
server
Akamai Image Manager
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=7712344
content-length
7196
expires
Thu, 19 May 2022 23:48:34 GMT
vine-alcohol-massandra3.jpg
images.finanzen.net/mediacenter/unsortiert/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/unsortiert/vine-alcohol-massandra3.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0a4f5357906d8df0b12e121bc023e7dbef464e34189d425afab4db99731c3998
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Thu, 12 Aug 2021 11:54:23 GMT
x-serial
490
strict-transport-security
max-age=86400
content-type
image/jpeg
x-check-cacheable
YES
cache-control
private, no-transform, max-age=7669575
content-length
9537
server
Akamai Image Manager
expires
Thu, 19 May 2022 11:55:45 GMT
vodka280.jpg
images.finanzen.net/mediacenter/unsortiert/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/unsortiert/vodka280.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4c51aecce8f16aebf4ffdfe94cf93493d17c1918612f452703215830c521e872
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Thu, 18 Feb 2021 13:54:22 GMT
x-serial
1888
strict-transport-security
max-age=86400
content-type
image/jpeg
x-check-cacheable
YES
cache-control
private, no-transform, max-age=8108832
content-length
8794
server
Akamai Image Manager
expires
Tue, 24 May 2022 13:56:42 GMT
vkscript.js
script.finanz.ru/Content/Scripts/ 		63 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.finanz.ru/Content/Scripts/vkscript.js?v=025391ce
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2cb6a5ea1b2036497b91f9d22b5a115df1c546c58bd082f2ba0da8a01965b9e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Last-Modified
Wed, 18 Aug 2021 15:47:49 GMT
ETag
"2073b7654894d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=238849
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64522
Date
Sat, 19 Feb 2022 17:29:30 GMT
Config.js
script.finanz.ru/Content/Scripts/MDSnG/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.finanz.ru/Content/Scripts/MDSnG/Config.js?v=025391ce
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
394361a8136dbe1f5de8cf97960d158576a9a7c9f9cb49f63e43c3a8c7e28170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Thu, 10 Feb 2022 14:41:54 GMT
ETag
"cfcf12598c1ed81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=238788
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1231
Date
Sat, 19 Feb 2022 17:29:30 GMT
clientApi.min.js
script.finanz.ru/Content/Scripts/MDSnG/min/ 		363 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.finanz.ru/Content/Scripts/MDSnG/min/clientApi.min.js?v=025391ce
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
360be99c0fe15c24b6f4f38c6ae21131ef098edc47e80a0ba701df88f45fe4d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Thu, 10 Feb 2022 14:41:54 GMT
ETag
"f82b13598c1ed81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=238952
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
99208
Date
Sat, 19 Feb 2022 17:29:30 GMT
init.min.js
script.finanz.ru/Content/Scripts/web-push/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.finanz.ru/Content/Scripts/web-push/init.min.js?v=025391ce
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc0aae3cff21edb8879f2301f6d0fdf11fc49e960305874b1270fb5fc9f79eed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Tue, 15 Feb 2022 11:01:16 GMT
ETag
"6f76a35a5b22d81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=238819
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
18670
Date
Sat, 19 Feb 2022 17:29:30 GMT
gtm.js
www.googletagmanager.com/ 		123 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PJ8B96
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9dcd9a6520acccfb7c2cb034d938e403e202e93809f8afbc38f01c9c0acdf14c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46589
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Feb 2022 17:29:30 GMT
sprite_x.png
styles.finanz.ru/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://styles.finanz.ru/images/sprite_x.png?v=025391ce
Requested by
Host: styles.finanz.ru
URL: https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0f18feecc96cbf6598d1fb0660ca46a417d41f84cb5512ee647b27f318297ee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Last-Modified
Wed, 18 Aug 2021 15:47:49 GMT
ETag
"274c0654894d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=238841
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1619
Date
Sat, 19 Feb 2022 17:29:30 GMT
sprite_icons.gif
styles.finanz.ru/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://styles.finanz.ru/images/sprite_icons.gif?v=025391ce
Requested by
Host: styles.finanz.ru
URL: https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf138fff0a89c4b3f08e51deb1b4fab971c13f951b7e7831a31441f15997ddce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Last-Modified
Wed, 18 Aug 2021 15:47:49 GMT
ETag
"d225c0654894d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=238853
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3621
Date
Sat, 19 Feb 2022 17:29:30 GMT
sprite_finando.png
styles.finanz.ru/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://styles.finanz.ru/images/sprite_finando.png?v=025391ce
Requested by
Host: styles.finanz.ru
URL: https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26c0eac30b52289d8ab5fbd3c3da3d1028f01299fe357d7e6cd5e73feec69cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Last-Modified
Wed, 18 Aug 2021 15:47:49 GMT
ETag
"d225c0654894d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=238812
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24803
Date
Sat, 19 Feb 2022 17:29:30 GMT
sprite.png
styles.finanz.ru/images/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://styles.finanz.ru/images/sprite.png?v=025391ce
Requested by
Host: styles.finanz.ru
URL: https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
541a15cc5cbadf9ddbc45e75b208991546436190f25426fa01f36a86a7d0dce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Last-Modified
Wed, 18 Aug 2021 15:47:49 GMT
ETag
"b8febf654894d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=238784
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122482
Date
Sat, 19 Feb 2022 17:29:30 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220219
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/ClickPerformance/RUS_Home.release.js?v=025391ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c174b04a9b32a55c5ae3d2674f23323910c07c4ce4e171f55efb10c8270a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8913
x-jsd-version
1.0.1257
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19128-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69d-XJ8ksmaxPiOVjZXc3XBMnF+p1jc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6e0137bb9f9191e1-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/ClickPerformance/RUS_Home.release.js?v=025391ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
63eee1dec3fcaafb919b3645a40408bc99eccaecb50b8e538d3cbfc1ac9d29c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27585
x-xss-protection
0
server
sffe
etag
"1136 / 575 of 1000 / last-modified: 1645225613"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Feb 2022 17:29:30 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/ClickPerformance/RUS_Home.release.js?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:30 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
96f65391-dc12-4369-8dd5-1c240d59a8a1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.finanz.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=544833&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2267e7380112880b%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fadmtax.ru%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.finanz.ru%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.28.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227b88e58baf1eeb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544833%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2285475f9251085b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544833%22%2C%22sid%22%3A%22800x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A800%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229a7bb209681eec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544834%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210be122e9bb91dc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544834%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22118f2c032d0a03b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544835%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212545c78cac49b8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544835%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22132529c7fcb3a36%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544836%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221448f302730d0be%22%2C%22ext%22%3A%7B%22siteID%22%3A%22544836%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/ClickPerformance/RUS_Home.release.js?v=025391ce
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
074fb3ae62fde02a6b14264f250b4e13c693d8f56160bf5fdfe69d008f3e2ed4

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.165], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 19 Feb 2022 17:29:30 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
main_background.png
styles.finanz.ru/images/ 		133 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://styles.finanz.ru/images/main_background.png?v=025391ce
Requested by
Host: styles.finanz.ru
URL: https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
efe06ae912f7fd25827242d2993d88061d82a715badec8f9a5dc8d08744ac5f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://styles.finanz.ru/cache/css/styles.min.css?v=025391ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Last-Modified
Wed, 18 Aug 2021 15:47:49 GMT
ETag
"7a3bbf654894d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=238891
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
133
Date
Sat, 19 Feb 2022 17:29:30 GMT
/
www.tns-counter.ru/V13b****forbes_ru/ru/UTF-8/tmsec=finanz_total/
Redirect Chain
  • https://www.tns-counter.ru/V13a****forbes_ru/ru/UTF-8/tmsec=finanz_total/?d=80329.29452572843
  • https://www.tns-counter.ru/V13b****forbes_ru/ru/UTF-8/tmsec=finanz_total/?d=80329.29452572843
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****forbes_ru/ru/UTF-8/tmsec=finanz_total/?d=80329.29452572843
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****forbes_ru/ru/UTF-8/tmsec=finanz_total/?d=80329.29452572843
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
8e911f151f2c433f8f43.js
yastatic.net/partner-code-bundles/54802/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/54802/8e911f151f2c433f8f43.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7be70ecb2ea4f1028c3359d2ed6fa5cb103323c007e8d1e6d6ed770f39604f34
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4470
last-modified
Fri, 18 Feb 2022 15:14:57 GMT
server
nginx/1.17.9
etag
"afff685cf92aff66de169fc88a8eaff0"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2052 00:00:51 GMT
61d47eabda1e42b9dcc0.js
yastatic.net/partner-code-bundles/54802/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/54802/61d47eabda1e42b9dcc0.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2deebfb38acf8313b74dd2bad4d0d6469b16e5394744eb2cacb07e7671684ee5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17045
last-modified
Fri, 18 Feb 2022 15:14:56 GMT
server
nginx/1.17.9
etag
"32a9219fd5b33f255a39d3c7b76abe7c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2052 00:00:52 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2052 00:01:24 GMT
84f4a33769cf13694f7a.js
yastatic.net/partner-code-bundles/54802/ 		615 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/54802/84f4a33769cf13694f7a.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7299e3cd2ddc4fa58e59c4c908a4a81ab0a4de0b1394b4db698a2ca232a8845f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
127515
last-modified
Fri, 18 Feb 2022 15:14:57 GMT
server
nginx/1.17.9
etag
"3bbe246d625e99fc222d0fac7bcf5975"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2052 00:00:51 GMT
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
277 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
fba3cab31898d7317cf09120bc47105969f29d1700f8c29c9ee207c01b2dd959
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1645291770581817-4624070975227237836-man2-6103-9d6-man-l7-balancer-8080-BAL-3917
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 19 Feb 2022 18:29:30 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:30 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/context.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
v2
an.yandex.ru/adfox/1435/getBulk/ 		170 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/1435/getBulk/v2?dl=https%3A%2F%2Fwww.finanz.ru%2F&date=2022-02-19T17%3A29%3A30.333%2B00%3A00&pd=19&pdh=1200&pdw=1600&pr1=271383624&pr=1765658585&prr=http%3A%2F%2Fadmtax.ru%2F&pv=17&pw=6&extid_loader=&extid_tag_loader=www.finanz.ru&ylv=0.54802&ybv=0.54802&ytt=291370581755925&is-turbo=0&skip-token=&ad-session-id=9017501645291770361&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.2%2C%22w%22%3A540%2C%22h%22%3A0%2C%22width%22%3A540%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A350%2C%22top%22%3A876%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=54802&availableWidth=540&availableHeight=0&pp=h&ps=ckhq&p2=ul&puid1=&puid3=&puid4=&puid5=&puid6=&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=512023%2C0%2C7%3B503304%2C0%2C56%3B520823%2C0%2C92%3B519297%2C0%2C70%3B518751%2C0%2C26%3B512311%2C0%2C83%3B511894%2C0%2C28%3B514308%2C0%2C93%3B518006%2C0%2C82%3B492596%2C0%2C26%3B406668%2C0%2C15%3B517664%2C0%2C56%3B521335%2C0%2C24%3B204304%2C0%2C31&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22504231%22%7D%5D%2C%22FORCE_NEW_SKIP_BUTTON%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22513163%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22519117%22%2C%22testId%22%3A%22521345%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22WIDGET_OLD_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22504902%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22507236%22%7D%5D%2C%22VIDEO_IN_COMBO_FULLSCREEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22513230%22%7D%5D%2C%22FIX_BROKEN_NTP_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22517586%22%7D%5D%2C%22YANDEX_RU_DOMAIN_DISTRIB%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22521064%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FOR_HLS%22%3A%5B%7B%22value%22%3A%2210000%22%2C%22testId%22%3A%22512023%22%7D%5D%2C%22VAS_LOAD_GR_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22503304%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22520823%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22519297%22%2C%22testId%22%3A%22519297%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22518751%22%7D%5D%2C%22SMART_BANNER_DISABLE_SINGLE_OFFER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22512311%22%7D%5D%2C%22CONTAIN_ALMOST_WHITE_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22511894%22%7D%5D%2C%22DISABLE_ANIMATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22514308%22%7D%5D%2C%22CAROUSEL_ON_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22518006%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22492596%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22OFFSET_PARENT_FOR_INNER_SIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22517664%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2254758%22%2C%22testId%22%3A%22521335%22%7D%5D%7D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=G%2BYPYK9qpuUHgTJLkDKXZjAHZE9qahWqG1MlAe%2BKLIRhKUr7reCfMWowahTxPM62fWHS%2Fl8Vrh%2Bxl7Mbxqdfee3vIHc%3D&top-ancestor=https%3A%2F%2Fwww.finanz.ru&top-ancestor-undetermined=0&grab-orig-len=1252&grab=dNCk0LjQvdCw0L3RgdC-0LLRi9C1INC90L7QstC-0YHRgtC4OiDRgdGC0LDRgtGM0LgsINC-0YbQtdC90LrQuCwg0LDQvdCw0LvQuNGC0LjQutCwINC80LjRgNC-0LLQvtCz0L4g0YTQuNC90LDQvdGB0L7QstC-0LPQviDRgNGL0L3QutCwLCDQutC-0YLQuNGA0L7QstC60Lgg0LLQsNC70Y7RgiDQuCDQutC-0YLQuNGA0L7QstC60Lgg0LDQutGG0LjQuSDQsiDRgNC10LDQu9GM0L3QvtC8INCy0YDQtdC80LXQvdC4INC90LAgZmluYW56LnJ1CjHQn9GA0L7Qs9C90L7Qt9GLINCw0L3QsNC70LjRgtC40LrQvtCyIAoyIGZpbmFuei5ydSAKMtCb0JXQndCi0JAg0J3QntCS0J7QodCi0JXQmSAKMtCSINGG0LXQvdGC0YDQtSDQstC90LjQvNCw0L3QuNGPIAoy0JvQuNGH0L3Ri9C1INGE0LjQvdCw0L3RgdGLIAoyINCd0L7QstC-0YHRgtC4INC70LjRh9C90YvRhSDRhNC40L3QsNC90YHQvtCyIAoy0JLQsNC70Y7RgtGLIAoyINCd0J7QktCe0KHQotCYINCS0JDQm9Cu0KLQndCr0KUg0KDQq9Cd0JrQntCSIAoy0JDQutGG0LjQuCAKMiDQndCe0JLQntCh0KLQmCDQoNCr0J3QmtCQINCQ0JrQptCY0JkgCjLQkdC40YDQttC10LLRi9C1INGC0L7QstCw0YDRiyAKMiDQndCe0JLQntCh0KLQmCDQotCe0JLQkNCg0J3Qq9ClINCg0KvQndCa0J7QkiAKMtCe0LHQu9C40LPQsNGG0LjQuCAKMiDQndCe0JLQntCh0KLQmCDQlNCe0JvQk9Ce0JLQq9ClINCg0KvQndCa0J7QkiAKMtCk0L7QvdC00YsgCjIg0J3QvtCy0L7RgdGC0Lgg0YDRi9C90LrQsCDQutC-0LvQu9C10LrRgtC40LLQvdGL0YUg0LjQvdCy0LXRgdGC0LjRhtC40LkgCjLQntGB0L3QvtCy0L3Ri9C1INC40L3QtNC40LrQsNGC0L7RgNGLIAoy0J7RgdC90L7QstC90YvQtSDQsdC40YDQttC10LLRi9C1INC60L7RgtC40YDQvtCy0LrQuCAKMtCY0L3RhNC-0YDQvNCw0YbQuNGPINC-0YIg0LrQvtC80L_QsNC90LjQuSAK&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
07a42ddfd6e49119fb9f67c0cb6160017a33f7598fcd862c21421a65fc26c998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 17:29:30 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1645291770464388-1147173546693934145900252-production-app-host-sas-pcode-157
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 19 Feb 2022 17:29:30 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 		290 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106772
x-xss-protection
0
server
cafe
etag
16804192996499609317
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 19 Feb 2022 17:29:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame EA36 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sat, 19 Feb 2022 03:15:22 GMT
expires
Sat, 05 Mar 2022 03:15:22 GMT
cache-control
public, max-age=1209600
age
51248
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8B96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6877
date
Sat, 19 Feb 2022 15:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 19 Feb 2022 17:34:53 GMT
pubads_impl_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js?cb=31064998
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 21:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124510
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Feb 2023 21:15:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		130 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.finanz.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
043452cc6b216e27ed364044a4182af0b811417b67608d69baaf5f3673082aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
expires
Sat, 19 Feb 2022 17:29:30 GMT
probtn_concat.js
cdn.viewst.com/ 		359 KB
360 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viewst.com/probtn_concat.js
Requested by
Host: cdn.viewst.com
URL: https://cdn.viewst.com/showinparent_concat.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
cef0f2c5d6083d5873068b66fce8628d75435ca2aa6688a0fcae9087f81fe79a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:30 GMT
Last-Modified
Saturday, 19-Feb-2022 17:29:30 GMT
Server
nginx/1.19.6
X-Ws-Request-Id
621128fa_PSdgflkfFRA2po75_61004-49129
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Server
common
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
367963
X-Via
1.1 PSdgflkfFRA2so76:12 (Cdn Cache Server V2.0)
cookie.js
partner.googleadservices.com/gampad/ 		213 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.finanz.ru&callback=_gfp_s_&client=ca-pub-4438736351765938
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
380cb8850744061af6a79db9bbe32db458df01d445f3737d26c258d5b538a3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.finanz.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.finanz.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5C22 		108 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d89fc5555283d632140c8c0877b1b8d6b7f865e18a83fce0de1204dc6d6e879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 19 Feb 2022 17:29:31 GMT
server
cafe
content-length
35013
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Feb 2022 17:29:31 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame E7AC 		96 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36ce34492a86ef23a4807d9b19e65937e732cbee1601c15984ffd1884e5ee488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 19 Feb 2022 17:29:31 GMT
server
cafe
content-length
33425
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Feb 2022 17:29:31 GMT
cache-control
private
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4126276822509684&correlator=931351459957663&output=ldjh&impl=fifs&eid=31064150%2C31064954%2C31064998%2C31064868%2C31063247%2C31063982&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220219&iu_parts=1154235%2CRUS_D_Home_Header%2CRUS_D_Home_Top%2CRUS_D_Home_Right%2CRUS_D_Home_Left%2CRUS_D_Home_Sidebar-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C800x250%2C728x90%7C800x250%2C160x600%7C300x600%2C160x600%7C300x600%2C300x250%7C300x600&eri=1&cust_params=fw%3Dv2.2.4.4%26Refresh%3D0%26URL%3D%252F%26Subdomain%3Dwww%26Landingpage%3Dhttps%253A%252F%252Fwww.finanz.ru%252F%26sp_day%3DSaturday%26sp_case%3DX&cookie_enabled=1&bc=31&abxe=1&dt=1645291770578&lmt=1645291770&dlt=1645291769963&idt=596&frm=20&biw=1600&bih=1200&oid=2&adxs=350%2C350%2C1255%2C45%2C930&adys=0%2C214%2C0%2C0%2C516&adks=2629671318%2C758058001%2C3240497728%2C1234063177%2C2335346956&ucis=1%7C2%7C3%7C4%7C5&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.finanz.ru%2F&ref=http%3A%2F%2Fadmtax.ru%2F&vis=1&scr_x=0&scr_y=0&psz=900x0%7C900x10%7C160x0%7C160x0%7C320x0&msz=900x0%7C900x0%7C160x0%7C160x0%7C320x0&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=false&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js?cb=31064998
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c259b881b1a950ab28b9ade37d4a4abe471cbbec75ccfbe2514a0cd7da012925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19373
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 71AE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js?cb=31064998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 19 Feb 2022 17:29:30 GMT
expires
Sun, 19 Feb 2023 17:29:30 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e358796972ea0d09cc3b.js
yastatic.net/partner-code-bundles/54802/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/54802/e358796972ea0d09cc3b.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
55b6c3e9c80b0da110e434ac42b51d3fccbc449e8a4aa9e9fd1cd951407c1c41
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
10093
last-modified
Fri, 18 Feb 2022 15:14:57 GMT
server
nginx/1.17.9
etag
"d0c077ff51acc83f622b62ed05e447f3"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2052 00:01:05 GMT
v2
an.yandex.ru/adfox/239292/getBulk/ 		170 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/239292/getBulk/v2?dl=https%3A%2F%2Fwww.finanz.ru%2F&date=2022-02-19T17%3A29%3A30.684%2B00%3A00&pd=19&pdh=1200&pdw=1600&pr1=566555177&pr=1765658585&prr=http%3A%2F%2Fadmtax.ru%2F&pv=17&pw=6&extid_loader=&extid_tag_loader=www.finanz.ru&ylv=0.54802&ybv=0.54802&ytt=291370581493781&is-turbo=0&skip-token=&ad-session-id=9017501645291770361&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.2%2C%22w%22%3A320%2C%22h%22%3A0%2C%22width%22%3A320%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A930%2C%22top%22%3A1233%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=54802&availableWidth=320&availableHeight=0&pp=h&ps=cjsz&p2=flha&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=512023%2C0%2C7%3B503304%2C0%2C56%3B520823%2C0%2C92%3B519297%2C0%2C70%3B518751%2C0%2C26%3B512311%2C0%2C83%3B511894%2C0%2C28%3B514308%2C0%2C93%3B518006%2C0%2C82%3B492596%2C0%2C26%3B406668%2C0%2C15%3B517664%2C0%2C56%3B521335%2C0%2C24%3B204304%2C0%2C31&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22504231%22%7D%5D%2C%22FORCE_NEW_SKIP_BUTTON%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22513163%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22519117%22%2C%22testId%22%3A%22521345%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22WIDGET_OLD_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22504902%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22507236%22%7D%5D%2C%22VIDEO_IN_COMBO_FULLSCREEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22513230%22%7D%5D%2C%22FIX_BROKEN_NTP_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22517586%22%7D%5D%2C%22YANDEX_RU_DOMAIN_DISTRIB%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22521064%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FOR_HLS%22%3A%5B%7B%22value%22%3A%2210000%22%2C%22testId%22%3A%22512023%22%7D%5D%2C%22VAS_LOAD_GR_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22503304%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22520823%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22519297%22%2C%22testId%22%3A%22519297%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22518751%22%7D%5D%2C%22SMART_BANNER_DISABLE_SINGLE_OFFER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22512311%22%7D%5D%2C%22CONTAIN_ALMOST_WHITE_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22511894%22%7D%5D%2C%22DISABLE_ANIMATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22514308%22%7D%5D%2C%22CAROUSEL_ON_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22518006%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT_EXP%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22492596%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22OFFSET_PARENT_FOR_INNER_SIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22517664%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2254758%22%2C%22testId%22%3A%22521335%22%7D%5D%7D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=G%2BYPYK9qpuUHgTJLkDKXZjAHZE9qahWqG1MlAe%2BKLIRhKUr7reCfMWowahTxPM62fWHS%2Fl8Vrh%2Bxl7Mbxqdfee3vIHc%3D&top-ancestor=https%3A%2F%2Fwww.finanz.ru&top-ancestor-undetermined=0&grab-orig-len=1252&grab=dNCk0LjQvdCw0L3RgdC-0LLRi9C1INC90L7QstC-0YHRgtC4OiDRgdGC0LDRgtGM0LgsINC-0YbQtdC90LrQuCwg0LDQvdCw0LvQuNGC0LjQutCwINC80LjRgNC-0LLQvtCz0L4g0YTQuNC90LDQvdGB0L7QstC-0LPQviDRgNGL0L3QutCwLCDQutC-0YLQuNGA0L7QstC60Lgg0LLQsNC70Y7RgiDQuCDQutC-0YLQuNGA0L7QstC60Lgg0LDQutGG0LjQuSDQsiDRgNC10LDQu9GM0L3QvtC8INCy0YDQtdC80LXQvdC4INC90LAgZmluYW56LnJ1CjHQn9GA0L7Qs9C90L7Qt9GLINCw0L3QsNC70LjRgtC40LrQvtCyIAoyIGZpbmFuei5ydSAKMtCb0JXQndCi0JAg0J3QntCS0J7QodCi0JXQmSAKMtCSINGG0LXQvdGC0YDQtSDQstC90LjQvNCw0L3QuNGPIAoy0JvQuNGH0L3Ri9C1INGE0LjQvdCw0L3RgdGLIAoyINCd0L7QstC-0YHRgtC4INC70LjRh9C90YvRhSDRhNC40L3QsNC90YHQvtCyIAoy0JLQsNC70Y7RgtGLIAoyINCd0J7QktCe0KHQotCYINCS0JDQm9Cu0KLQndCr0KUg0KDQq9Cd0JrQntCSIAoy0JDQutGG0LjQuCAKMiDQndCe0JLQntCh0KLQmCDQoNCr0J3QmtCQINCQ0JrQptCY0JkgCjLQkdC40YDQttC10LLRi9C1INGC0L7QstCw0YDRiyAKMiDQndCe0JLQntCh0KLQmCDQotCe0JLQkNCg0J3Qq9ClINCg0KvQndCa0J7QkiAKMtCe0LHQu9C40LPQsNGG0LjQuCAKMiDQndCe0JLQntCh0KLQmCDQlNCe0JvQk9Ce0JLQq9ClINCg0KvQndCa0J7QkiAKMtCk0L7QvdC00YsgCjIg0J3QvtCy0L7RgdGC0Lgg0YDRi9C90LrQsCDQutC-0LvQu9C10LrRgtC40LLQvdGL0YUg0LjQvdCy0LXRgdGC0LjRhtC40LkgCjLQntGB0L3QvtCy0L3Ri9C1INC40L3QtNC40LrQsNGC0L7RgNGLIAoy0J7RgdC90L7QstC90YvQtSDQsdC40YDQttC10LLRi9C1INC60L7RgtC40YDQvtCy0LrQuCAKMtCY0L3RhNC-0YDQvNCw0YbQuNGPINC-0YIg0LrQvtC80L_QsNC90LjQuSAK&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
bfadce9faa36a990f2bb7a2e366faccade9cad25c4663f65f634a91ef105a2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 17:29:30 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1645291770739929-378589849749220234700252-production-app-host-sas-pcode-249
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 19 Feb 2022 17:29:30 GMT
finanz.ru.628816.js
jsc.lentainform.com/f/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.lentainform.com/f/i/finanz.ru.628816.js?t=1221617
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af86d1842ee9f04e69eb78eb3fb1866e2a783a69084e3192ff712733497157c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
cf-cache-status
HIT
age
2307
last-modified
Fri, 04 Feb 2022 11:59:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Z8M95T72QX4RC9B4
x-amz-id-2
4DNSEuDJLh47HZjtflCi2TOKt69R/27lnM83B9JbecBCg0PYVpA7Gg9vx7ZAHUWRfM282MRhkr4=
cf-bgj
minify
server
cloudflare
etag
W/"67a548e92c62f1064b7ca127ce7d53c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e0137bf1d625c7a-FRA
expires
Sat, 19 Feb 2022 20:29:30 GMT
upload.gif
vk.com/images/ 		230 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/images/upload.gif
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.finanz.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-e6"
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
230
expires
Sat, 26 Feb 2022 17:29:30 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3927
date
Sat, 19 Feb 2022 16:24:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 19 Feb 2022 18:24:03 GMT
rtPush.txt
www.finanz.ru/Content/Scripts/MDSnG/libs/ 		649 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.finanz.ru/Content/Scripts/MDSnG/libs/rtPush.txt
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/MDSnG/min/clientApi.min.js?v=025391ce
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.93.6.214 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d4fb8a73ced6638ac24002743ba4cd6d3fab20148c591c75e0a9c15a2c43f6e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.finanz.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 18 Aug 2021 15:47:49 GMT
etag
"306da7654894d71:0"
x-frame-options
SAMEORIGIN
content-type
text/plain
cache-control
max-age=31708800
feature-policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; gyroscope 'none'; microphone 'none'; payment 'none'
x-content-type-options
nosniff
accept-ranges
bytes
vary
Accept-Encoding
content-length
338
date
Sat, 19 Feb 2022 17:29:29 GMT
/
mdsngpush.finanzen.net/socket.io/ 		119 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mdsngpush.finanzen.net/socket.io/?stream=protocolbuffers&token=e9dafe256ffbe323db51604a7c87073b&EIO=3&transport=polling&t=NyJ21Dk
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/MDSnG/min/clientApi.min.js?v=025391ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.89.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.89.201.35.bc.googleusercontent.com
Software
/
Resource Hash
1c0486f3cdbb2f1605ec8fb8c86efd231da9562f93efcdd7d71a962bbc907666

Request headers

Accept
*/*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/octet-stream
tcounter.js
www.tns-counter.ru/ 		552 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tns-counter.ru/tcounter.js
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Tue, 03 Aug 2021 13:06:34 GMT
server
ms-counter-3.2.15/1.20.1
etag
"61093f5a-228"
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control
max-age=20736000
accept-ranges
bytes
content-type
application/javascript
content-length
552
expires
Mon, 17 Oct 2022 17:29:30 GMT
formats.js
ad.lkqd.net/vpaid/ Frame C560 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1645291770.cds262.am5.hn,1645291770.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 6532 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1645291770.cds262.am5.hn,1645291770.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame 2A3E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-type
image/gif
content-length
43
content-encoding
none
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Sat, 19 Feb 2022 17:29:30 GMT
server
AC1.1
auto-user-sync
ads.stickyadstv.com/ 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:30 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1645291770707054-400
Expires
Sat, 19 Feb 2022 17:29:30 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=733700588.24741691884080266.3092666
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=733700588.24741691884080266.3092666
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_cc695c18-5fa3-4a5f-b65a-ec3c1ea1626f&bsw_param=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d&expires=10
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Server
52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d
Date
Sat, 19 Feb 2022 17:29:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ve
stg.vidoomy.com/api/rtbserver/ 		9 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=DE&category=&crid=11866&deal=&domain=&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.189.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-length
9
vary
Origin
content-type
application/json
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.finanz.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.finanz.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CA2C 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&adk=1812271804&adf=3025194257&lmt=1645291770&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.finanz.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770767&bpp=1&bdt=804&idt=1&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da54937548e2a20c0-22c4a7dd45cd00b7%3AT%3D1645291770%3ART%3D1645291770%3AS%3DALNI_MZ_7Wd0tzFXOqeP3sauDileZBc0qg&prev_fmts=540x180%2C540x180&nras=1&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&dtd=40
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 19 Feb 2022 17:29:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Feb 2022 17:29:30 GMT
cache-control
private
widget_community.php
vk.com/ Frame 3530 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/vkscript.js?v=025391ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.110206
Resource Hash
a9a2faee8f8f71288e1319a29eb680601e2a0549b9127cb506c0b163a3856855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; report=/xss_reports

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
kittenx
date
Sat, 19 Feb 2022 17:29:30 GMT
content-type
text/html; charset=windows-1251
content-length
10750
x-powered-by
KPHP/7.4.110206
cache-control
no-store
content-security-policy
default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
x-xss-protection
1; report=/xss_reports
content-encoding
gzip
x-frontend
front224004
strict-transport-security
max-age=15768000
access-control-expose-headers
X-Frontend
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
putin-rocket.jpg
images.finanzen.net/mediacenter/unsortiert/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/unsortiert/putin-rocket.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a9ed1ac4667a2f98cf11c12ef7d8f4f2a501f77832c08507faca1820819a47f5
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Mon, 20 Dec 2021 19:51:20 GMT
x-serial
1806
strict-transport-security
max-age=86400
content-type
image/jpeg
x-check-cacheable
YES
cache-control
private, no-transform, max-age=3378040
content-length
7546
server
Akamai Image Manager
expires
Wed, 30 Mar 2022 19:50:10 GMT
3046854_usa.jpg
images.finanzen.net/mediacenter/rrr/Stocks/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/rrr/Stocks/3046854_usa.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
39871ab6ccf3f77ea017b7662f4143a4608ff335424b78249d8a04c6f16e4d0d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Sat, 03 Oct 2020 21:51:08 GMT
server
Akamai Image Manager
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=4481586
content-length
12275
expires
Tue, 12 Apr 2022 14:22:36 GMT
dnr-763824.jpg
images.finanzen.net/mediacenter/unsortiert/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/unsortiert/dnr-763824.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4e5c50e4d230938abc0794f2eb8f42a3d98c873a0deedb9e5481d90e730b806e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Sat, 19 Feb 2022 13:49:08 GMT
x-serial
1238
strict-transport-security
max-age=86400
content-type
image/jpeg
x-check-cacheable
YES
cache-control
private, no-transform, max-age=8626749
content-length
9376
server
Akamai Image Manager
expires
Mon, 30 May 2022 13:48:39 GMT
biden-34589934.jpg
images.finanzen.net/mediacenter/unsortiert/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.finanzen.net/mediacenter/unsortiert/biden-34589934.jpg
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7ee56283f1ad3e9c375331ef4ac9b66d299457b2aef1470aa4610fde5b6ad987
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Sat, 19 Feb 2022 01:29:38 GMT
server
Akamai Image Manager
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=8582370
content-length
7423
expires
Mon, 30 May 2022 01:29:00 GMT
/
mdsngpush.finanzen.net/socket.io/ 		5 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mdsngpush.finanzen.net/socket.io/?stream=protocolbuffers&token=e9dafe256ffbe323db51604a7c87073b&EIO=3&transport=polling&t=NyJ21FU&sid=2afeb454-1f6d-4605-af61-cb5c988bcdb9
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/MDSnG/min/clientApi.min.js?v=025391ce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.89.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.89.201.35.bc.googleusercontent.com
Software
/
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Accept
*/*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/octet-stream
finanz.ru.628816.es6.js
jsc.lentainform.com/f/i/ 		235 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.lentainform.com/f/i/finanz.ru.628816.es6.js
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/f/i/finanz.ru.628816.js?t=1221617
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dea90065380f3ad22a4efdba817219c7d1ff9124e28edfd3711fac3542f288

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
br
cf-cache-status
HIT
age
6482
last-modified
Fri, 04 Feb 2022 11:59:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Z8M0HGFER55ZPGF4
x-amz-id-2
B4zSRYDVsmnxaP3mRNTBJFAfW/ySw1NPFr5CAUq/ovv/hlslGoO2XDj/7F8C8fRrUaxX/achuLs=
cf-bgj
minify
server
cloudflare
etag
W/"ad65043f6dcaccb14c322b735e258356"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e0137bffa026977-FRA
expires
Sat, 19 Feb 2022 20:29:30 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame A81C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291770.cds262.am5.hn,1645291770.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame C560 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=14416235&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b7de12cd53da0d476d3d9624e2df1d39015b73d5313ac8b9d8ba1835868e975b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1358
usync.html
ad.lkqd.net/cookie-sync/ Frame 7D78 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291770.cds262.am5.hn,1645291770.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 6532 		180 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116305&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=97872118&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
418205424
www.tns-counter.ru/V13a***R%3Ehttp://admtax.ru/*forbes_ru/ru/UTF-8/tmsec=finanz_total/ 		43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a***R%3Ehttp://admtax.ru/*forbes_ru/ru/UTF-8/tmsec=finanz_total/418205424
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
mdsngpush.finanzen.net/socket.io/ 		2 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mdsngpush.finanzen.net/socket.io/?stream=protocolbuffers&token=e9dafe256ffbe323db51604a7c87073b&EIO=3&transport=polling&t=NyJ21GP&sid=2afeb454-1f6d-4605-af61-cb5c988bcdb9
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/MDSnG/min/clientApi.min.js?v=025391ce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.89.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.89.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
text/html
/
mdsngpush.finanzen.net/socket.io/ 		4 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mdsngpush.finanzen.net/socket.io/?stream=protocolbuffers&token=e9dafe256ffbe323db51604a7c87073b&EIO=3&transport=polling&t=NyJ21GQ&sid=2afeb454-1f6d-4605-af61-cb5c988bcdb9
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/MDSnG/min/clientApi.min.js?v=025391ce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.89.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.89.201.35.bc.googleusercontent.com
Software
/
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Accept
*/*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/octet-stream
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1450302412&utmhn=www.finanz.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B8%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%20%D0%B2%20%D1%80%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20finanz.ru&utmhid=1298879455&utmr=http%3A%2F%2Fadmtax.ru%2F&utmp=%2F&utmht=1645291770921&utmac=UA-44951833-1&utmcc=__utma%3D2796199.1980672137.1645291771.1645291771.1645291771.1%3B%2B__utmz%3D2796199.1645291771.1.1.utmcsr%3Dadmtax.ru%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=551540522&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAQBAAAE~
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
mdsngpush.finanzen.net/socket.io/ 		2 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mdsngpush.finanzen.net/socket.io/?stream=protocolbuffers&token=e9dafe256ffbe323db51604a7c87073b&EIO=3&transport=polling&t=NyJ21Gq&sid=2afeb454-1f6d-4605-af61-cb5c988bcdb9
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/MDSnG/min/clientApi.min.js?v=025391ce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.89.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.89.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
text/html
cs
cs.lkqd.net/ Frame A81C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c3d2d7f1-76fe-48a0-a87f-a9dfe42083f9
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c3d2d7f1-76fe-48a0-a87f-a9dfe42083f9
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c3d2d7f1-76fe-48a0-a87f-a9dfe42083f9
date
Sat, 19 Feb 2022 17:29:30 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame A81C 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A81C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A81C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2348540956014117316
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2348540956014117316
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2348540956014117316
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame A81C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Date
Sat, 19 Feb 2022 17:29:31 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 7D78
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1fc8c0a9-d6d6-4234-8e9a-94380c21bbff
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1fc8c0a9-d6d6-4234-8e9a-94380c21bbff
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1fc8c0a9-d6d6-4234-8e9a-94380c21bbff
date
Sat, 19 Feb 2022 17:29:30 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 7D78 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 7D78 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 7D78
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 7D78
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VgpA-_4PRit7_62I-nDk-7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VgpA-_4PRit7_62I-nDk-7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VgpA-_4PRit7_62I-nDk-7nVm6U
Date
Sat, 19 Feb 2022 17:29:31 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
loader_nav217615770143_6.js
vk.com/js/ Frame 3530 		139 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/loader_nav217615770143_6.js
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.110206
Resource Hash
ea74349345ba0691ce475147bd8865661068a07315d48026f239af5e04282e56
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
x-frontend
front220004
server
kittenx
x-powered-by
KPHP/7.4.110206
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
39398
fonts_cnt.5df9a2d31f91db9fc063.css
st6-20.vk.com/css/al/ Frame 3530 		470 KB
352 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/fonts_cnt.5df9a2d31f91db9fc063.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
2b86791b4bc5469817735d814f73f5b52cdc6078c60befd4c6cbe27c68b40027
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front6-20
last-modified
Sat, 15 Jan 2022 23:18:12 GMT
server
kittenx
etag
"61e35634-57c35"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
359477
expires
Wed, 23 Feb 2022 17:29:31 GMT
lite.841f60721bcff632985a.css
st6-20.vk.com/css/al/ Frame 3530 		297 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/lite.841f60721bcff632985a.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
187609863b0ad6ebddbb827bcb34cac1bfa0fa4145885b86b5452fa8b2cc624b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front6-20
last-modified
Tue, 15 Feb 2022 13:48:30 GMT
server
kittenx
etag
"620baf2e-9349"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
37705
expires
Wed, 23 Feb 2022 17:29:31 GMT
lite.js
vk.com/js/al/ Frame 3530 		266 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/al/lite.js?102
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
f5d3a91d9133f12a3710808474051a1773369b563cacc8b5550fdb773a811da0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front220004
last-modified
Tue, 15 Feb 2022 21:13:00 GMT
server
kittenx
etag
"620c175c-f4e8"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
62696
expires
Wed, 23 Feb 2022 17:29:31 GMT
lang6_0.js
vk.com/js/ Frame 3530 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/lang6_0.js?27421529
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.110206
Resource Hash
fa85cfb532131b8673cb3f271e765eabd7e3fc60fc3e0f82a5b01b78d45f96d7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
x-frontend
front220004
server
kittenx
x-powered-by
KPHP/7.4.110206
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16042
xdm.js
st6-20.vk.com/js/api/ Frame 3530 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/js/api/xdm.js?9
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front6-20
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-b1e"
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2846
expires
Wed, 23 Feb 2022 17:29:31 GMT
ui_common.3ff41a286e0f473d3743.css
st6-20.vk.com/css/al/ Frame 3530 		103 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/ui_common.3ff41a286e0f473d3743.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
d3b9019a25f806052d3397cebe09a9bfcba56f5f00834c47a6ef2d23e86f2d24
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front6-20
last-modified
Fri, 18 Feb 2022 09:49:21 GMT
server
kittenx
etag
"620f6ba1-38ee"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
14574
expires
Wed, 23 Feb 2022 17:29:31 GMT
common.0651bbbc366ae581ec5b.js
vk.com/dist/ Frame 3530
Redirect Chain
  • https://st6-20.vk.com/dist/common.0651bbbc366ae581ec5b.js?285c6974c356935be9af70d
  • https://vk.com/dist/common.0651bbbc366ae581ec5b.js?285c6974c356935be9af70d
2 MB
406 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/common.0651bbbc366ae581ec5b.js?285c6974c356935be9af70d
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
8ec7b752c94812cd0832332586bed67d6dd4d4478abee9ef59e96f7d18c8e433

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front220004
last-modified
Fri, 18 Feb 2022 07:50:49 GMT
server
kittenx
etag
"620f4fd9-654e9"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
414953
expires
Wed, 23 Feb 2022 17:29:31 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-20
server
kittenx
strict-transport-security
max-age=15768000
content-type
text/html
location
https://vk.com/dist/common.0651bbbc366ae581ec5b.js?285c6974c356935be9af70d
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
140
expires
Wed, 23 Feb 2022 17:29:31 GMT
ui_common.1b747ad51a6188b59d2b.js
vk.com/dist/web/ Frame 3530
Redirect Chain
  • https://st6-20.vk.com/dist/web/ui_common.1b747ad51a6188b59d2b.js?dc8cb481b7e01b38af24e9f4dc7f84e8
  • https://vk.com/dist/web/ui_common.1b747ad51a6188b59d2b.js?dc8cb481b7e01b38af24e9f4dc7f84e8
81 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/web/ui_common.1b747ad51a6188b59d2b.js?dc8cb481b7e01b38af24e9f4dc7f84e8
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
a5fa5dda512e9d1cb0958323b5574d864cbc2ab181dd42c39b872ad03baca44c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front220004
last-modified
Fri, 11 Feb 2022 05:52:21 GMT
server
kittenx
etag
"6205f995-4b41"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
19265
expires
Wed, 23 Feb 2022 17:29:31 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-20
server
kittenx
strict-transport-security
max-age=15768000
content-type
text/html
location
https://vk.com/dist/web/ui_common.1b747ad51a6188b59d2b.js?dc8cb481b7e01b38af24e9f4dc7f84e8
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
140
expires
Wed, 23 Feb 2022 17:29:31 GMT
audioplayer.9cf1a83f2a0d2f09fe5a.js
vk.com/dist/ Frame 3530
Redirect Chain
  • https://st6-20.vk.com/dist/audioplayer.9cf1a83f2a0d2f09fe5a.js?285804d60da4627f12ad5e2
  • https://vk.com/dist/audioplayer.9cf1a83f2a0d2f09fe5a.js?285804d60da4627f12ad5e2
143 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/audioplayer.9cf1a83f2a0d2f09fe5a.js?285804d60da4627f12ad5e2
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
e7dad9a2ea733e9aba7d4f6cf327fd2b155841ca20beebcb2f69f4940d12432c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front220004
last-modified
Thu, 17 Feb 2022 08:49:24 GMT
server
kittenx
etag
"620e0c14-9306"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
37638
expires
Wed, 23 Feb 2022 17:29:31 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-20
server
kittenx
strict-transport-security
max-age=15768000
content-type
text/html
location
https://vk.com/dist/audioplayer.9cf1a83f2a0d2f09fe5a.js?285804d60da4627f12ad5e2
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
140
expires
Wed, 23 Feb 2022 17:29:31 GMT
audioplayer.aca3c2e8da55378883b3.js
vk.com/dist/web/ Frame 3530
Redirect Chain
  • https://st6-20.vk.com/dist/web/audioplayer.aca3c2e8da55378883b3.js?06687162a6496db68906103913b2695e
  • https://vk.com/dist/web/audioplayer.aca3c2e8da55378883b3.js?06687162a6496db68906103913b2695e
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/web/audioplayer.aca3c2e8da55378883b3.js?06687162a6496db68906103913b2695e
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
810d39b52c8f925b2d881e74467cdf21a6d976f52b5fdd69c56e17a297a620d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front220004
last-modified
Fri, 11 Feb 2022 05:52:21 GMT
server
kittenx
etag
"6205f995-6ba"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1722
expires
Wed, 23 Feb 2022 17:29:31 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-20
server
kittenx
strict-transport-security
max-age=15768000
content-type
text/html
location
https://vk.com/dist/web/audioplayer.aca3c2e8da55378883b3.js?06687162a6496db68906103913b2695e
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
140
expires
Wed, 23 Feb 2022 17:29:31 GMT
widget_community.2eab524061f62559e8f2.css
st6-20.vk.com/css/al/ Frame 3530 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/widget_community.2eab524061f62559e8f2.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
0bee62ea2660061e7a2ec5122528d43c19a26dd04116b1d88a9b7871e1c8545f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front6-20
last-modified
Sat, 15 Jan 2022 23:18:12 GMT
server
kittenx
etag
"61e35634-a35"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2613
expires
Wed, 23 Feb 2022 17:29:31 GMT
likes.c8308e6d45e0e7b7c94c.js
vk.com/dist/web/ Frame 3530
Redirect Chain
  • https://st6-20.vk.com/dist/web/likes.c8308e6d45e0e7b7c94c.js?3126ac61aa3e4002fd77f99ade9a6618
  • https://vk.com/dist/web/likes.c8308e6d45e0e7b7c94c.js?3126ac61aa3e4002fd77f99ade9a6618
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/web/likes.c8308e6d45e0e7b7c94c.js?3126ac61aa3e4002fd77f99ade9a6618
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
411b86125bd6f4812cf51bc057968444575578869faef2ff4e5be44699cbf69f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front220004
last-modified
Fri, 11 Feb 2022 05:52:21 GMT
server
kittenx
etag
"6205f995-186b"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6251
expires
Wed, 23 Feb 2022 17:29:31 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-20
server
kittenx
strict-transport-security
max-age=15768000
content-type
text/html
location
https://vk.com/dist/web/likes.c8308e6d45e0e7b7c94c.js?3126ac61aa3e4002fd77f99ade9a6618
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
140
expires
Wed, 23 Feb 2022 17:29:31 GMT
community.js
vk.com/dist/api/widgets/ Frame 3530
Redirect Chain
  • https://st6-20.vk.com/dist/api/widgets/community.js?1
  • https://vk.com/dist/api/widgets/community.js?1
434 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/api/widgets/community.js?1
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
ba736b8d9ff6dec089382fbc9365cbecaf6d85a7ed89a3a50beca05c05f87b94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front220004
last-modified
Tue, 15 Feb 2022 21:17:23 GMT
server
kittenx
etag
"620c1863-1f328"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
127784
expires
Wed, 23 Feb 2022 17:29:31 GMT

Redirect headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-20
server
kittenx
strict-transport-security
max-age=15768000
content-type
text/html
location
https://vk.com/dist/api/widgets/community.js?1
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
140
expires
Wed, 23 Feb 2022 17:29:31 GMT
base.28eb5d374f64d946a83f.css
st6-20.vk.com/css/al/ Frame 3530 		116 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/base.28eb5d374f64d946a83f.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
4878d2177fb9d449577d37c12f6d7d56649cbbd078c79ac6adda69082a7bc258
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-frontend
front6-20
last-modified
Thu, 17 Feb 2022 09:18:50 GMT
server
kittenx
etag
"620e12fa-47f7"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
18423
expires
Wed, 23 Feb 2022 17:29:31 GMT
D9lXnWArJ00zTKobxCTa3F3IXRq1BSXugStS9SDtRoqwE1OmcY582nlEkBBQk7Ci_9q1GpxWdylRcB6BSoLXrLeP.jpg
sun6-20.userapi.com/s/v1/if2/ Frame 3530 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sun6-20.userapi.com/s/v1/if2/D9lXnWArJ00zTKobxCTa3F3IXRq1BSXugStS9SDtRoqwE1OmcY582nlEkBBQk7Ci_9q1GpxWdylRcB6BSoLXrLeP.jpg?size=50x50&quality=96&crop=23,30,200,200&ava=1
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
2387cca4cd7aecc15eba4b085a621e979e6b20b465462f66e6f85b6a59b62979
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1791
x-frontend
front6-20
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
kittenx
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Frontend
x-imp
527600
accept-ranges
bytes
access-control-allow-headers
X-Quic
expires
Mon, 21 Mar 2022 17:29:31 GMT
camera_50.png
vk.com/images/ Frame 3530 		570 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/images/camera_50.png
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
e3b9c102be54a21fc534271c42ff116be61325240fac9649023cc6adf41d8e72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
last-modified
Tue, 22 Sep 2020 20:29:55 GMT
server
kittenx
etag
"5f6a5ec3-23a"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
570
expires
Sat, 26 Feb 2022 17:29:31 GMT
e_af81c36e.jpg
sun9-14.userapi.com/c9670/u04439/ Frame 3530 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sun9-14.userapi.com/c9670/u04439/e_af81c36e.jpg
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.185.141 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv141-185-240-87.vk.com
Software
kittenx /
Resource Hash
659893685f9da64e126a723df6a2bbfc76a1560db1712470cef4b1cef51a34ad
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2614
x-frontend
front224305
last-modified
Fri, 22 Oct 2010 20:50:40 GMT
server
kittenx
etag
"4cc1f920-a36"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Frontend
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Quic
expires
Mon, 21 Mar 2022 17:29:31 GMT
RTtXXDYFjn4VJnWwuNYWSaPapJpxIMPiwDm1E73a2Ba4M6B8o7E0TZRb5NsLuLPR-ET4uwUPJzYkYg8S_Ga2GVGF.jpg
sun6-20.userapi.com/s/v1/if2/ Frame 3530 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sun6-20.userapi.com/s/v1/if2/RTtXXDYFjn4VJnWwuNYWSaPapJpxIMPiwDm1E73a2Ba4M6B8o7E0TZRb5NsLuLPR-ET4uwUPJzYkYg8S_Ga2GVGF.jpg?size=50x50&quality=96&crop=71,250,1299,1299&ava=1
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
fe7ab1b60986d6942e5715194db421a520b9c2bfaf5af223be5a7c250b80e5c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1627
x-frontend
front6-20
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
kittenx
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Frontend
x-imp
527502
accept-ranges
bytes
access-control-allow-headers
X-Quic
expires
Mon, 21 Mar 2022 17:29:31 GMT
psy-qcEvAOn18aFBDWKv1yx6HB-HwNbfjltrbOsxcPOCyWOZW6aF5ByJbdNfmZVqkU2xIj6IaH3-1VUNXDFXpOF_.jpg
sun6-23.userapi.com/s/v1/if2/ Frame 3530 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sun6-23.userapi.com/s/v1/if2/psy-qcEvAOn18aFBDWKv1yx6HB-HwNbfjltrbOsxcPOCyWOZW6aF5ByJbdNfmZVqkU2xIj6IaH3-1VUNXDFXpOF_.jpg?size=50x50&quality=96&crop=0,0,612,612&ava=1
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.3 , Russian Federation, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv3-206.vkontakte.ru
Software
kittenx /
Resource Hash
1f794dd11cdd04a590ce9470b623bada6817aabaf2cb4bb81817394e17567c66
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1949
x-frontend
front6-23
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
kittenx
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Frontend
x-imp
850604
accept-ranges
bytes
access-control-allow-headers
X-Quic
expires
Mon, 21 Mar 2022 17:29:31 GMT
xRhs85dDdaazkybLVsRI9YONopKWJRRv8-fZWsCG-76GUCfNIn5VoLZVJo9pmE8nIrZYfPsX7UDFQgpzH0EiWNMx.jpg
sun6-21.userapi.com/s/v1/ig2/ Frame 3530 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sun6-21.userapi.com/s/v1/ig2/xRhs85dDdaazkybLVsRI9YONopKWJRRv8-fZWsCG-76GUCfNIn5VoLZVJo9pmE8nIrZYfPsX7UDFQgpzH0EiWNMx.jpg?size=50x50&quality=96&crop=58,306,721,721&ava=1
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
655f9821bbe131e0edf35701ec0cdd58d80411746b9711b0383a78d4c5d0015f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2625
x-frontend
front6-21
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
kittenx
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Frontend
x-imp
859309
accept-ranges
bytes
access-control-allow-headers
X-Quic
expires
Mon, 21 Mar 2022 17:29:31 GMT
8hTGh-yx4VE.jpg
sun6-22.userapi.com/7ldpwFjHxXuAV5j0hL3m44HtNSCEXUlEqKfN3g/ Frame 3530 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sun6-22.userapi.com/7ldpwFjHxXuAV5j0hL3m44HtNSCEXUlEqKfN3g/8hTGh-yx4VE.jpg
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.2 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv2-206.vkontakte.ru
Software
kittenx /
Resource Hash
d299027d1343bdfe14159bb1d6486ec433badbcae64f984c9730376f30090eb7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-22
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
kittenx
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
access-control-expose-headers
X-Frontend
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Quic
content-length
1655
expires
Mon, 21 Mar 2022 17:29:31 GMT
98e4eac739daab3e02e19d707f3b0064.js
www.gstatic.com/mysidia/ Frame 5C22 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/98e4eac739daab3e02e19d707f3b0064.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a49375a818c34a92996dda920044a1ee7ac34b25dc0340c2a2fe9961adb65b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 11:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3653
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:43:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 11:08:19 GMT
cb16f0f75ea5aac7d9337968f48dc02d.js
www.gstatic.com/mysidia/ Frame 5C22 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cb16f0f75ea5aac7d9337968f48dc02d.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84a2b14ae123952f243eceba58a315af3a7e54940c98a0f34a17dd95b8a0a52e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 11:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5853
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 08:01:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 11:27:46 GMT
css
fonts.googleapis.com/ Frame 5C22 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 15:57:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Feb 2022 17:29:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Feb 2022 17:29:31 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 5C22 		2 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:25:18 GMT
8cb09a129f3c12e7897345334ff7fe46.js
www.gstatic.com/mysidia/ Frame 5C22 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8cb09a129f3c12e7897345334ff7fe46.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5dd008b5129808beb15a631c8e46c805ab017966f87dc5779c023258da27b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 11:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2380
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 08:01:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 11:28:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 5C22 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:29:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 5C22 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:28:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:28:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C22 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:29:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 5C22 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:26:49 GMT
6db0573cb067ea4557d3af56fc7062b8.js
www.gstatic.com/mysidia/ Frame 5C22 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 10:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11678
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 08:01:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 10:18:59 GMT
css
fonts.googleapis.com/ Frame E7AC 		8 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 15:59:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Feb 2022 17:29:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Feb 2022 17:29:31 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E7AC 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:25:18 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame E7AC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:29:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E7AC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:28:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:28:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E7AC 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:29:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E7AC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:26:49 GMT
638238a1c081a92848b457a11fb7df3a.js
www.gstatic.com/mysidia/ Frame E7AC 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 07:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 07:40:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 07:48:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E7AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtFUt-igRYt7tJceSywWnsoyoCtPj8cdmoLCdmpgP6NjQ3-kBEAEgwZ-yJ2CV4pCCoAegAb7rk_0CyAEJqQKdKQweaf6yPqgDAcgDywSqBMMBT9Dfc8CUi-bhD5u3Nv5CqHeJX4uq9-qmKQSkA411ZlkZ9IXyzRcyb2rszn0DakYd5JzmPgn6XKC48FP0BDZkrJWXw8pgkdNFDP1a_QQJ1UQOI4BnDEyrQdC8C4E3p_gRrqbTDme2DNwMnzkvy4tatip7eOr7EylAjBAUEVgd3vF00uc0bsWF24pifK2vSI8UPGdKdkGfZz9i9doTgo778UyrLYQTturFBLv2ku6kjCJ-3XX8gOrXhOlM3k8vjbMe3Zu8wASzzYbB4gOSBQQIBBgBkgUECAUYBKAGLoAHqpTsggGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCHuQTSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTQ0Mzg3MzYzNTE3NjU5MzgYAA&sigh=m42uhFQVWTQ&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 19 Feb 2022 17:29:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Feb 2022 17:29:31 GMT
truncated
/ Frame E7AC 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E7AC 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:31 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame 660E 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:31 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame B56D 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1645291771.cds262.am5.hn,1645291771.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:31 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame EC35 		0
0
shopping
encrypted-tbn2.gstatic.com/ Frame 5C22 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSZVAj0tPO_p92w-idIVpGgmexmRlVO37ppg_ndRJe9-Ql6Z9s&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48782e40a118e879c461cda8345768ca277421d4a1c65c972e43c28d8e8f0965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 08:40:49 GMT
x-content-type-options
nosniff
age
377322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8851
x-xss-protection
0
last-modified
Wed, 11 Dec 2019 11:33:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 15 Feb 2023 08:40:49 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5C22 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRu26y73r22LIx6MrIzge-4VXKHb13RJ1lKww5MJpAwbDq3HfE&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e825719fe4658ea0dc5dbf15d7740e5555cd71817698d5d1ea454b088b796d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:21:48 GMT
x-content-type-options
nosniff
age
79663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14198
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 12:28:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 18 Feb 2023 19:21:48 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5C22 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTSVp9qbZrOVe86BNL2K5SFVEvqK528OA_4VcKsO-majkwdcU_K&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
975870a576905cac3784587d8ac1ec7cdd44469e7a6c20240b7fb32b56543008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 08:06:51 GMT
x-content-type-options
nosniff
age
120160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23108
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 05:02:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 18 Feb 2023 08:06:51 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5C22 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSjhbf_Hr1C00gz7ef5SA9BFmJjYr4MIjj4vfMSUU6oPUSQGAk&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823b213da59b08d21ad80d9f280bb7eeb5e66e64886b53615b554de02eb60126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 06:32:51 GMT
x-content-type-options
nosniff
age
39400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7972
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 05:15:56 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 19 Feb 2023 06:32:51 GMT
7103612115487317334
tpc.googlesyndication.com/simgad/ Frame 5C22
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U
  • https://tpc.googlesyndication.com/simgad/7103612115487317334
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7103612115487317334
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H3
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:00:05 GMT
x-content-type-options
nosniff
age
340166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5156
x-xss-protection
0
last-modified
Mon, 18 Nov 2019 11:07:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Feb 2023 19:00:05 GMT

Redirect headers

date
Fri, 18 Feb 2022 23:28:30 GMT
x-content-type-options
nosniff
server
cafe
age
64861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/7103612115487317334
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 20 Mar 2022 23:28:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5C22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIOjO-igRYvH4JNGIgAeJ2JaYApyY7o5itdWCwoUMpJ6CzcEKEAEgwZ-yJ2CV4pCCoAegAePAq8cDyAEJqQKdKQweaf6yPqgDAcgDywSqBL8BT9CgpAx8cernYQbK_PfwR0-9Wc0Sa_pQKxEOBogaH33oVdnSGVAMcY1iq5kteg-t1y0loKWR40L3ctAFBwphYgLsBGFtMLgS6aVS7bFE3NCBXe0AwD6txnjWE3XqBajJGX9Y56wKSX1GxjoTkCkvQWBGBCJdAOqNIL1KCYk712fnlUh2512f4w8VWxXn5YT1QogqtWdHPtevx-yOvvkghlkIWTAIRehja7T1fRfmqrEVRwEy1592Bw9c3h8De3TABKSqotm_ApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfR_4wmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELjnENIICQiA4YAQEAEYH4AKAcgLAdgTC4gUA9AVAYAXAbIXHAoaCAASFHB1Yi00NDM4NzM2MzUxNzY1OTM4GAA&sigh=mt7OMd2dCxM&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 19 Feb 2022 17:29:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Feb 2022 17:29:31 GMT
post_widget.png
st6-20.vk.com/images/icons/ Frame 3530 		981 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st6-20.vk.com/images/icons/post_widget.png
Requested by
Host: st6-20.vk.com
URL: https://st6-20.vk.com/css/al/lite.841f60721bcff632985a.css
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
95.142.206.0 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv0-206.vkontakte.ru
Software
kittenx /
Resource Hash
33c22d62b4d9b60d8ac8b010f4e19da452eb17484e66c581c5f4184dd8152d90
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st6-20.vk.com/css/al/lite.841f60721bcff632985a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-frontend
front6-20
last-modified
Tue, 22 Sep 2020 20:29:56 GMT
server
kittenx
etag
"5f6a5ec4-3d5"
strict-transport-security
max-age=15768000
content-type
image/png
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
981
expires
Wed, 23 Feb 2022 17:29:31 GMT
truncated
/ Frame 3530 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e

Request headers

Referer
Origin
https://vk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ Frame 3530 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d

Request headers

Referer
Origin
https://vk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
font/woff2
code.js
top-fwz1.mail.ru/js/ Frame 3530 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=320px&_ver=1&gid=60378669&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=130&url=https%3A%2F%2Fwww.finanz.ru%2F&referrer=http%3A%2F%2Fadmtax.ru%2F&title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...&17f13081353
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 22 Dec 2021 12:22:53 GMT
server
nginx
etag
W/"61c3189d-6a23"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 19 Feb 2022 18:29:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C22 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCjkIBCo1cmRhX2Fndl9pbnMsbXlzaWRpYV9hbmFseXRpY3MscGVyZl92aWRlb19jb250cm9sMl8xMHAKDRArIQAAAAAAABBAMAQKDRADIQAAADMzK4ZAMAQKDRAKIQAAAIAzMx9AMAQKDRANIQAAAACAmbk_MAQKDRAeKgc1NDB4MTgwMAQKDRAZKgc1NDB4MTgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAADMzb4ZAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAACxAMAQKDRAFIQAAAM3McIZAMAQSGkNQSGRwN3lsalBZQ0ZWRUU0QW9kQ2F3Rkl3IhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cb16f0f75ea5aac7d9337968f48dc02d.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DA5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js?cb=31064998
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Feb 2022 17:29:30 GMT
expires
Sun, 19 Feb 2023 17:29:30 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4574 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js?cb=31064998
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Feb 2022 17:29:30 GMT
expires
Sun, 19 Feb 2023 17:29:30 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B46C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js?cb=31064998
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Feb 2022 17:29:30 GMT
expires
Sun, 19 Feb 2023 17:29:30 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 463B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js?cb=31064998
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Feb 2022 17:29:30 GMT
expires
Sun, 19 Feb 2023 17:29:30 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.html
ad.lkqd.net/cookie-sync/ Frame B380 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291771.cds262.am5.hn,1645291771.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame B56D 		18 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=14416235&m=&rtv=1&thost=www.finanz.ru
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
31dbfef504dc0db26ad3e595a54a50ee0092e1b977a97ba2d31b49d04d8737f1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2926
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=14416235&m=&rtv=1&thost=www.finanz.ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:31 GMT
content-length
0
access-control-allow-origin
https://www.finanz.ru
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
cs
cs.lkqd.net/ Frame B380
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2c7a522-8dc9-4f57-9cc3-ae824842d16e
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2c7a522-8dc9-4f57-9cc3-ae824842d16e
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2c7a522-8dc9-4f57-9cc3-ae824842d16e
date
Sat, 19 Feb 2022 17:29:31 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame B380 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B380 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B380
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame B380
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Date
Sat, 19 Feb 2022 17:29:31 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame F31C 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNWYErAKr6ggWSU29lSbLavjYX-mQI8L4PmUsLBhJIyx96RWvrUN2nnTLYxfy6PsbKX_BxsmcfVnNzvr0hkCku1ZNyoS7jlrZS2pGkyLc4SxTMdQXReBGNAwJjm727Wf8VL4bgosIw0MmbEsHWt9f59EtN2iw-y76QPT_7k6roKifgjYFPU
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 19 Feb 2022 17:29:31 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Feb 2022 17:29:31 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4DA5 		75 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-LEjwiS5nziyLG2P-u6KZUlcHg4p1NHO6TiXJEocfbGEV3sEVP94ToKhNlDdrGEeMnJZi1bZFlvL6q9QA2sYNGkpdSl7xVPFL0zCffr52Ua1VJhfWFMTd4RwWxXUeEbk3XEqYFDhNPBegPEOQTWmCG4XhPw&dbm_d=AKAmf-CQRq47HRBAKhuvPbJFy0FMLgygQARqXkovZJAARXzcgeWR5aQr6kIGc7luseiPLHrbv1Fi70PgE2vt2jZ9UEJwyWMDEpfzMMmHrKWB9DgOjhUTZPsNwUJrX6V2X9rN74uKwFIkRW4v2Dp1yoXgRT9cEqby4BnQClDx1SRMGun_lHmqA2MgGZT0H2Tb5TdeK29SLN6pw8Ey4gtTanE5R22AFgWqsXgdazSmCbDGxH8DMiugAx4HVwm93Wy42B5cAf8pLdyi0sgvVx0jBwd6cQAGTffw7JoMhG8IG4BGFWWVfVGag2Yj2hYthflAbvCPbLOPgIhmKJ9NMv5IMreiV-kGEnHNGT-ATBv8qW6u23pHs8vaPlLlMpgdQquQ2_Iri9HXW4oo81jFJbOJtdhD1XhFqeS0t8hcdq1vc09v8aTDFmb9aWHUmhuaNaI-YV4x9QwQqZigrP7s05E6bMFP6I40H-eNZoeXK0it8HsZQfGEfI_3X7203PgYcE_J3xRWBG1Ppq9IROKvD5oe6ZtvhpChke3KVVFPLBl7FaJd3oS6eQygabEvKtBuXadfun4LA77N49YGr5-BN80qe25t4578fUljDq7AhIZqSS3QPohrPdugyelq20uB9j8gS3GvBKaHJWr_HS0cAZwqKKnr8G3RHaam2LKXsD6RJ6ZCe6wE-p48EYIqlZJY9v1mxx3jFaQOjZWZavRLFPfPdabOjHLXM4e0ZJjpUHp7Gas9E10DGxVT1PtwyCfihOQ2x9yDbVfWgnC0b80blnfmT6bpQP4zV_NSMXZ0MMWfcOobuxzdZcCkDHq4IS11vjnv0Y-U7d0fgvyNjinYvCrNkxauJF0VrqIZPWW45_jP40t-Zw3XListbd1KP3-FkR_pRGe-eV5b95Xi1X4CcN2YUVapEf99DJjeXHEhVRds8jn_FQpMBiBmDLaaIPpUs0Ynp8ILoyr8Z5Pg1kZVOV32bm_gqnCD6__bjt_MAdOOjRk8XnRotViVFENNq9zqZESQ3X9WlWHU2a_mt7MRIntcey2WSFA-D2KQ2vIVJ44luS9gedR0ZvazIGyxM-BtTlgqGmTVUqT9ux4qYuLiB8bjn7LkAuRR5Am5Su0-w_Fgz5ngyn9FbRlIXnv8GsZADtKPZlWNVkh1m39QiuuOsSLtadPSyppvdBK7eI8fHQWb4dybgUhWJKV4g7VWapxqb-q0bVEmfq1fKqZGHjUIxVCLVFAAtItIa2brXYKeR6ektXkjdM5rJKUX-ffm1J0yvxStfCFTM_0aoMFUaG53p0giqDqq2B6k6jAz38lItuzQ5kLXjDy6S3aCTNqAcqebGcpW6iU2c_0Dz50De-N23on28xqPz8Aoy2A9Dphwzgoo9GzWQIP28P-TUAwCuU2BksWuomcGbnGDYQkI3XiE_Lj_d9IHuEEg5pvtZyHZjiLSDL4MkTNiXbjJYXFOoD3-rnF-xWfsRyIzmGDWf86w6M83JoQhgBMqbvCnCzzkrJYZvra_0HiWLwrF-6v7wp3zWKwkKQHIbIMA_RKBCMAyb09vkCewt_TQafmpLIVevIJUSIa8S29Bzbd-SLf2rWCBL9K1s3BQtklw9C88fixtUBZyHJeX61XSw7F51H1juIs_qxtaWGFQHZa_xtg39riVrTvPG9SaqQHt4xwHORWsTpHZFhUXezQ0NkiTODI8ZkqrzN6OQT8UgvsmbX9x26isZ33XMgGVrkwsJs5dB27bBdOZPI4Z_yGlzA4V8WxRzYQplnT3hUM-hh34HRzOPBIYpgVBuI5jVDMMkb85Sptqf4mIJGwaSRQnESj2NruGq8KMSrI1xMxtILY88Ic400V-by5zgN8iIqhm0nm9VLa1x61dFyV7_69GI0XK5QjVszCewlAYBKVIVrKsV5_XyWT74pQzZxPiVpdPvVyehqnnChkP1j1mcRfnysxfRhsoLCId-FF6BYCsg2iHLQVll4lSRgRBOsQOblbhmHJXGKVpBmIRdccnGGT1dHr80uQ-3QIeV42y2tSuMPs4vYHI8X0QX9T7NcdXX4pfw3Bba7sJhiv6hj9tn9iilYKse3Q647SghEd44_Yg7nkpwzbUKOX6SXEKVm92ajmHMfXCmfB92z7Hq3AhiG6ADDc4DidOZOqhF8WXyiG9d_RdWN_ne__YHHL2UA5KgbIAyoXjiZas7QALGcXm1PwZEgLYVIVAETxChfYxClrM3eiKAXb5fLqVYtTvA4lEAMykehIOMXpCKwh7oFI_Q6zPVQyqHwFnqEG_y63Z62vtOArq_ldHDWfOImCrMHJ0SZfYB_uXxZ0Bn0roNK6PGNdN8K2wmBGzHPmG-4RO5pYCMpVcOrTBg9USMuABBbn734YZvds8qSIGKULSRH1pBhdcZU0djfBjJ1mUPrWtXvMeD6rpi902vDLh38i9rIww11jJcKQRuhrPBHvV6NWMPyA9n39ZyeCVS6rBU7xBLfqOtAAwvonl1Qq-ukUIvtzfp0o8kr10B-N0J5nUGxxYXJhSjKrpm-i8JGWY8olGTUgi9Mj3w814F8OkHDBN3S0QX51GUouebbPHHX2ltz6tV_PRiwfiw7xjFQgnrNIrIbGPq10iVTrP023DzMz_kTH3Bp3Hp2YliTnI42yJeWJ5Ka7m5IrXWrhrssbEmL5tsvckpM3Ifw0c3g6s1V-hgxfSRrKaLvFOmZqYo341QQbz34YVHnVTE0_lbwYZPY5DVH7g3hciEF5SXZWx7zoepM5kLo4yuBayOV0D1kOkye1hqRX6tLKJOy2XKMrRLYotfeEVIO8Ktd3wUq02IuyyjotSF5IC2a7z_32TBaVM7hCxSJGv1xPVxZeFLNE5RyLh6JSH520oH9R80EuUl_DrvZJnYD4DB6DEjaekuEDD_StIBipOyavLzomcWkSLbesC047n4mZ1gviH5NAH4mx5zRo2141EffPdhIZFwpbQdx8d4lKAJZ3WgJh34yhCgLx3edG16PbbMWCzo8InKt6WTiD_nlZjzxBzYZhsf2C4Ww7rkDXLgguKgsYIBBbxmGGBs27BgR_ryJ4u26gmaYYnW668IUz7WgRCKbujTQpdv1XIuQJ1j-Ew9C-VmOkQF27WOQ9G5LomLrVxiBmQzGEIZy1HBE_hcJQhSu1lS-8ui9F4Ij1hKWiNLl6t4R7G6buzxvZ4ThDnFHZzFCyBmwj4BpATzD5RkGtQEA5Q3hAQAwyu4oSGCVy2dQjY-k3I03GOnynQtcniofYU5TUQ-674McrzyKKf-fHGQ3ofzzYPBFfSdecIL0zwU4utQWNpSZahhjHbhTzOigIfMMt6cEpVCNqasnZu2wmSGYjVh1qhvPhOKcpbyR2JVsa0VzvZTzAYxLaDcRkXo1A&cid=CAASFeRoVXcMBTgOdNGECp5hMbqZ8LaTZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5579c2f7f8af03534d414d13cd3577d74432c3d1ef01d6eab56e99ac90f506d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DA5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANlxEwy973s2bMrUjg1kjoQHEx2T9mwazE5RoY4JXrhnBKThxNJule3Nidko29m5cCZqzmVR7mDZ3WUjRl6dzBXQNLi6Frka-zi4BbpGdrPyD79mA
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4DA5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:27:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DA5 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:29:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4DA5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:26:49 GMT
l
www.google.com/ads/measurement/ Frame 4DA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_i-j0poMX1eHdd26QfiUbYdt8sEWbB6nlD8x-78sV9YD7aNoZUkITD__2BbR1gCqA6hjo0PJ4YsrzvL_OnI0pqlD-3A
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2A57 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNX1DBCBYOYOAXNZkZUEOedGmFqvLOfISBZo4HZRtAluc1uzYQLW8Xk_gSRl5L50P96McP1wgDmTFgsp42S7iUSEEiIZEWNnwsSuDf9l-2FiZKb1GF5V7UfQyBKq4KAvs5a0hRecT2jGP_0AE5LIDKxtcfe8GkwxmnR3I_3tnSU_nYj9ozc
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 19 Feb 2022 17:29:31 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Feb 2022 17:29:31 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B46C 		57 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdqlFdYBEr5NtrYB1cRoyT0IWF4cvbGFI0sYGEw43Wwdje3sIChgJl8hsuASqBd8uMDF8eU6NYczZ4fnB0XRrPphUaUKExD2kR9zqyJ7nYaa5nG57yMgTv4IJbkApiIX39O7ZPHLxhs2CzE5yjyKGSut77Ug&dbm_d=AKAmf-ArHufKDYkkmbmjG-0uJeQ2YtPXUrpjMUeRAjQluG6_d0eHrcTYXANM2oydQHcnzQZsgORF4IXopT56pzIV7oNdFc0HjroJLyBUi5L-kj3gHazlhzRX85mP4FNCuuIHFh8xUB6k_8kLokV-LMU8sNjBwNO8zICQWSUAyMDoglABtDygzeJ5xPa_CwAYHrshZ_lBYDEfy5YbR-Kgn9F7YRmQVfu7kaWc9Bjr-oICyM3boBDkpGLLeUMWTv3Zsw6DLbv7YkDjsZjfQSVyWQJkx5lEcZAY5RrIX2XzMWqPvks1PbVFvYS_r1JIT5S1fvvYidCuLRC6V1bOOnwVeBQMsztgXpdWXo60QAC465yVa1yJ4CIHLBduECxMhLefR1NER1W148ZnMPo3lJyVRrWbev-dQ_wJu_k07CL0B67-orA--aUu1SQqqZTt0dwD5hhF83is7jJUTOpMwROi0LDgUdMelwebaRj78yXozv0ywVZinR1CM-zKCOWFKhv-c29JiE5KPOOvfnHr5Vbi9LpiQ4txwcSQti9xBdx77kHSFUsQ7DeTwt5xVV-peSOtArGCXhZXW-We7NwSQp5A6oGfe0jSydPkGMVc-B_QK3rv4u0J0DsSgUhcw7At_ar-57M5sQDfHknz-e_zmiEca7d7R_pazYNTVMwUALkMo1RvaAN7mhC7DgzRqTi3DKYndqN8knqX2jhStrjsoExBoj6uMd5AfiQdNinTb03amzP5rAcYn6Q1I5boq0kSMZE7lEXrOOlFLcdYyAX2WGp72aME2WCaXZ8rFNfYlqyPzczhLxcVsT_ntmrIrcOcMdp4S-gssoYSMqbkJKlx9eYUVQVjhMzaM-ghxOdO4D56pd4EynC_ug_Ge5MnIDLm5Tl_MnQ4jDt3KQ1Du3wifKcrC243IXv4lvfGGmL_SjMkDuwBEk_0RcVrQdBiPDmj5p3b-EzghHB5c2Jpolxb0rgnWwVt9jaoy3r5Od-YaAGFWX8fxhzYboLDyvLsKXgsrG45u0yOMLRPkqFmNhohN7E38-efJttiAZ-BMyVPLs1zTYJnSeg_-Zxbam-KmZRlY5OuVJmiHBenidSBFK69LF5Ak39ZXDwAx-5e6yKN7HGM_dXqmT_xOphOmgKzgd6S6kS06HPFMuIGBp-yAKvByctOY0O3ZK_iwiSXSuBLDD3Nc42vA9tWUADSZgvQ96RshOfNcpG6p9mDpHT_Lzah6WDrCfjJz_g4x50AjjJgzjZK7DqPxvp4vrvr51h3ladTUCAmMxSDbtA_S2699AjYPckA7ar4Igbg1w6jCjbJQupHcIOWUK-cwesUIUKiPf7_OuptPy5grbpqGR5a0g6JUspgl8e8z3BkMqWy032nk7orBzkUrxAUe9eakPhhCqbWf930xY9twiu7ah8MCV5EMtOAWuO1iBzuwPqWuGX05ib4nQQNG2XKBjFWIEsIUll7Q_3PtCp_hptaLkbBJtkSu4tWo1a2PvyqpOsx_7DFvp1ZQxYvPESaLrA0ouN1WLtk_Ndq_6DKHy03VrB14YnPgZc9b3Ip9V3JEpfVqwWaXW6-ir20b3HMNc0iirFSUZpYlam8FJwZK-Bp6cFIkjh2vG4IPjZ5FWnqzKuqmoRzFIra6M8Q0Zb1Xhdel8uSQApf-rC7bPVbMvdCPg9WS6w7vbu3UrLSTZo60O1dVoyqCmHGNLJzj9kiJwZ6lOFcS1R4WENV7n1mfY3kwZBmb9V_SOwWZ1tlNCyOi4dDavPF2Lgg6jbC6kYF7AhEoxlFUaBMPGx-X6Xq6tctcgUaVfyMza4UR4cnJCUIzilGIeD8qDlyiHBuH-xdspgM7H94pc1buHEigKhhfDaRooODzG_NBiBZmiOklsRdMuSfOjtnh7dGYkyj0ipzXfvuMxKCYq7L4BkBRlUqqR7tvwYlYmYRqL83KxT50l6AtSjaxAQgkGh4wGv5VfSmRC8Z7XShr4k4S5DDd3Y7guCVK24ifbgdN8_X1qgox5oVaQU8o0dQPOtkIQdHuT_0ttMP-RjF6s2EN2oJ0Omg_-qrtm04fygm51Nyef0fwpR6fCiSVpjDBnOMu6qUOb66aahYKIqfN-wUigdb2A6RpCFaKWU4To-zfuO7T8QKOz8HrsilGeCTqaeIizp_sN6UPtQLMVxQP5HrkoCuNCwHN50k9qAOnfvlXNmiS0ZcM9I8twlzZtwjiouoFgD0VBLldmwupM55DUqJM_qiICUlxgWwQ7W4gy48-t1n6gWaLeHrV51mLZc_Bu2aZa-e126oZ3sQhfmyyfBS2dDeZgTDdjzbVJIlRrD5bEQV7BTpRk-OR9L3KDKgOXf4EFmcwZWV4cFcV2dLsL-ND0KmG5e1ioQtFdaOqHnqzfZpjPgbPbmRL87TmmaMW14qmxIH6r4ILBZaroBKdt7ksP7cgDxytUY82kYRCsYP9aK7aLLP05_OvJBt93Sp1Bl52SiGW7IRpCoz_VwzUp7E1zKIYn5XD8bwhRo2Oi7-I_vPopf0H9Agxa-oG6f_mZdmHBhvnPCY20KfzG47holsMkCD2tCUhI1YJY8OdOl0L5RL7EStNVO3yPCy9E9FYIly_eY0Zu3NVNoHd3ymawj-hjM2Xp4HOekEveMkSfFVR6MJMWG0Z0EN_DVUMTY9O9Cl7gMWAG-yHfCfzot9yDIlKOZ6q6Pp6-7nMNHqjf3uyD9OjKK4zSbzWVhKm3__TXb3hccpkkWDsKLdViFqKeaCCUptEsPMpNpB1UU_3Jt8j_loVbGhbRgzpo7vSJZsGFaoTISDldH5gJ5tXLKIJAGypkbga_wjASYcVk55crOdRE35dceVAPRxvTqMnwAQyRBXnWW2Hhr68tQPDUxUS-K-O-FShAkoPON9ChftEZZe6njSUq2bu4e3AI93e9nYal0abCETAmPHV0333DR8YwTrNBpsdIqtTTeujVCiZaRx6WgfINAkgJoxSbl8wZxGpKo8psX3P4oXt9EbFdKTK5EEP9nm5YhhpZVJOWajgc_6aRX7fEms_eyPw24Z2ENjQ-iIPrkG-p9YPZul3E1VrLhQZjmv-Ybj2bUiMmXQO7Kru8A98q2D9-47eLLoU669bH5OrUAhFCQcc-G4ZRCpL4_Dr2x94WXv60zdKshsJ3Pttvu9vAP-CMv8Wgc_ssLLTdNT5trLSaiArBJmeIEbI331xD8prbWbIse2zabJMLbu3FMkUf7ukKLi9IcM9HGIVaEXxf3jlZDz_pIavaIx5JYam4TGxZDaMHQXJnVkGmeVbZM0DigPZVFxNspS-ogNWuHOQ25G5rl5scN3xwJvtqYAc8uo0s_u1Frfz5ei2HzSNjMQzo96U7yFovMfUg&cid=CAASFeRo-A8eUaQSb7Ma8dafUmkm7L0PAQ&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
017faa0a1ddf02c29fa1228c6b24b3eeebd6afe32ceb3817eb37510a67e9cc06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28756
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B46C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcUxvl5I1WdzapZEumAv_7pjxfWtfwOuF56VK5wwg5opFU2LBQIYpwK-b-2zvmOdbqVy0rhSDHjfYo2jb8fDu1tjwu_mvNBW4bbFf2n7hJKxSw4Z4
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame B46C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:27:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B46C 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:29:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame B46C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:26:49 GMT
l
www.google.com/ads/measurement/ Frame B46C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaU4GaL7gWaALWQMC0co-XoWvNqGZX_Me5jJQypyC8Wm36M6hiZpwK-FFCa6ZeuvoPyuRMAZCgHl1NwmyoILFc4c7wVA
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 72DA 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNXXiPNYPu5gCaouTz93RUltfy52vAbLHpIVOrw98mI69gobIFyGbL-gTCRWTdmxPf68EMdzwPYi9vXcwkyNCV9jwKR2qMTMOU6UfZx4N6CwK_FYkt8Gg2h0sZybjvNdwHHt06F9kv6yw0bJj60hsISJxB0Kn5czWDlv-jIrNtVdaDS1b3I
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 19 Feb 2022 17:29:31 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Feb 2022 17:29:31 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4574 		57 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW1Yn6JDWMY-Qrm-0sb2GtujFYCmSk-lhO2QPIr0qjtgFvJxDuRAZjAsrZ1S7B_1vhuagw0Cf2g1LAByXmi_dc8VGcipHNW4fLK_o97nGcB2CmnedJfX4Nso0vxEDTPKqnoTxHj9x5qc-LJ7Brofj3LIVcyQ&dbm_d=AKAmf-D4e1Z768h1u-1_Kuu7lVEkQgYHHCNucNxIA7gGUiynje_Ml9yzU16LBcbXapDPlp4KvMbMaBTJRIXMjYA6BITz_9LdV7WX8z8MJGgeEu_HYayUBSPvwB2x5HUv4tPhxMZ9tgCY8ujTANjO9hYg9OrW-B5_7b6_gKTLHZE_lnwU4zfeOJCEipX5YslamrESLe2caH57prab0_ED_dQe3RgC2EsUzyyKBE-kKIQ32SFivn1vDRF3JVPix7qG2numggSMEtIpeOEVBbzpC6QDGt9lR0WaohcskGBL28kD1NARg4xaxFjJCjeBAHr3FBXb914AsUXhTRScDD5edRZ4hPVGES0VWVJivKYuis1H-4IaPB5q3NjvC3RamIsDvq_CrQkKCRZnCYFeYBfJfaDNi9XlO5LRxetFL03LL6hO5WJVjxhP_LVzyJ-DyZOcKjGqz_yQRZrS38jH9H8G5lfkTEOGPi0QpMffH6DogoKBVWKDNx7MDjDx5OEVVaFLOxkX1s_cJu5mec8KsstboNPUnG2nfyubdsuBDlOGxKKgv6hUSfIlJ0AfPGzQmcOeigfhSufJPUnFuM5wzqtruwGVtk7gtvGiI_ycHpHHul1Kiog1A3lgNb7XmUpeuu3t2ea07pszdUMj_c3zY9W17CCOhNKerMkAELWKgS-479lWT23Aj4gswKjCtPYSH_oBoL49ZZyqV2v5TqciSVlKODmFSWKG7FrG3RNwPpHP9zOOoe7OanmiY1VNyuOQr352EbKbMuf0C2le4gCAfd6ywqFnS9wCE2-4f5R_OXFMa9CzTK2RXw1uA0kzMcocCnr9CVjhQ3i_a3jCiQqPv02dGhNnz-v-vJ_FkvGgC5znPEc14o67w_-4xnhc3JZuCZh903pP73i48pv2Zco9EhG0snBqhX0SM3qZGxzv8laUxcN61EDUz4R6K8daNIx_Wck1ooL55veE7APKnVZcMzX_dD2I1JzQ7qsxBFzNp4_FSQZuq9r8fpreerVvG1aGn2RmV6tRNW7tnpvjyQtNErpa--MYECREaL6S5L7GxCcQMBgy4HJwjgORGd_tirNhPDSjiSWrmREDNDZxBmeZAblBkSSG_wxcGjN86G9jrnUh43cJedEXS6S-hmTMHtu-1Zfndos3omgtUfgNDgVz9WBx78yyyVGJxsO3TanCY8E3lNUDfDYbT-qtQCV9U5piENEXhwXOFUrwM3_V3Xi4n4otqXHP7dvMER4p6LVQjyEXB5IBmbutoizQ8KrwUrYBa4Hf4bPnAbsG2flggdWEkzUAFXp9tCNZZ_v1FlLzgSxEvoKllE55jTqTLccRtW1x3YVCF5P3IzjxtQS6qT6qdx-he0jwUt8bhCRzWHuoW4aSq5YPbImacTuyqzm1IV7JS65_WtR_uEdAqDXT9CFPVgRwK64gStnxasbecsS2bQSMvtIjWAKkx5r1DOetqEXZ3x8oHyL5lAOKqqgJ8sfCdiiGbFXRZxOzt7m-6TzKEBwL1HfiVnsyssgMq4QfjrQyBhq6TlaVoR3kJOX_YoTTOa6AuTnQSEVG9rzEMKd8dhi5Y_sWSkAnpFfEDOKEuRrI8Ekhh4fF7vKuqdp4RPb6301LUfaAD04w30jfgFb-D5LHLfKMmM3uCYh4ROF7p4Wt9qI94DHqbB37ebSX3EXfnM2NoWidXzlad8I5e44NFwkurP8tabhMmP-hNc8pW9Dl-xgX-WGmwScG3vL2zqynod2lXYL6jGGiVy8B21ZCx4zU0ayFYc_gegpcJPgIioPkFWeBtStDtlmz_r76DgAggkXiGf7-yDDR_-mHmorqbG-imK3sjX4KshMFOe-aIAskVWyPt92IFj5eOvCT06z5ne8PBWbYeKElAkwSjo7tnq-sEXj62zYSDqI_iAXLNRe3yCl9Ki0OSYwvS6ragJBkqxnC0En8kbiCPbkRQGK7kg33ofULcOo1eDymxiooIrUTv_dYMzI1Jo1ryT-QIzWDwaGkQYwucQ4VWBrK6sPcrfn8-bJDtc9YTtAXVYspvwdg7I7DZrexBnEx2RRbEfeE19y_rlSlCBfQ-to6tS16pmLOwvyqvhneclPqHZt72zo0WRH3V8QMdDMkThbyVLftF9WtJA87oWfwvXdNVz5qLfzjQsRc8_lWP7E_GafVq9u09mUO7FWvd0kEFRljmt2-3fsWrlnTcWHFaYnzgS5-FJnZQjGftQcwZs_wj8ODos1mi7QedKRndyVzQTeyvLQF2SyaQji6KxhRpbq7t45nWnYciFFym6Vf8RakyzgnFKQTJuXoQ1epZgPzuQwgmfhOmdqIqYUYJ0YE4LVPG99JR-wL4zbqXGsrGVDjXKxgiIS0iKl198kDPJ2Kiqz9-hWCiARC7dm7XBZQHRVYDML3_JKBb7lEI0NsErgZWldxFEc2vEBbEa3wBvc5R0YiUNPYKM8Mu3U1DNS_bfOKLsP-khrQgyCBQebQ14akN-z0hIsp0lPCsMDMiaV9HZ395FBHLjAuL8bqUQZhCKOFUSYPFDL95JPnovKpHzdpgcfkVVLPbzfRXt-7EDa2VUYSBGM75EfrgWAnMoVUMxW0FeEU46t6YFnyUAq351GALdY39cW8eS5ilm5v7_sZY0eYpSrgc-YAB3BWvTAP3aaY-oR3CMyv9ulA9q66xCNpMkuT-ZbK6zClMmoMQRxuhXueox4ISOI944UbdJ-C5LDUuJ9NzamXcXtYjAgfCQHR2vWu2zR8gKO7-FtcYzwa3R28hp2XqOI5LGuKHkN9NHBPSdR-Pl4-AYqGqYZxO9mg8oJZ17WyhizCu4Gne8jLbDX3yRz4OtjOTcWCdikd93Iom7C9MRzENqkjGpozrvxdUuVF-r9IbaK5yYwGuYTtSm7kXwHsp9VCs5DQSDYOHBMZFfU12lIQ-chhI3IhlrFmZ9cIsPoFIYzyRToatzoQYuAE-Egf35lYhgc5yAIiRu1nFAzdIOZYfg4qrHy2SVkoIGF2-JljjSRM4SlL4dRv_i4deMwERCnTJumrYsmMfdISbBdBB8qIvWa2LEZVGJVbRnWWtxyDmcJVzAG-euolL8Y7N09bbXYvzNh87BHwS7-LekKTJbE9ii8uqOYZh-Vb2z3HH7lOuowMeGh2X0x0L7MwYdJQU3HMnzwlB5w_IefZPovh_nbr36rATrFjyRufptA6chp6fEWdRF6RDgUl_EIm0nA-iVaffN7aAiiGPuGIM4yQEVj4DuKXGYnaQI5kG4_vthMBlwK7XMWuzr-q3ne6q9QmUhYOeJwZdTuZcDQxTngH4eVDMtVTuqM3rFiZnM8gaDvRuljTi5DiDsMxtNVX_XRbAFSPiAFm6Z3nyBBdWA&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a10070dcdc2c4bbf3e493359f22ba7751e15a354a68b14b5cc59ca0ba07e8d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28787
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4574 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B7cb1h_t5-IjEtlWaHjMRPNsce1AjI3tb0DHMG8oawpjCqZlNaT_du4aiRcvQsKcGO3c64_RM5SE13ULvP4EM_qy39_lMfpR-q08ESz_0bdNj7aeM
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4574 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:27:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4574 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:29:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4574 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:26:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8418 		499 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGJDp854BMAE&v=APEucNW933Si4FVusnfa3iIgiEgI1YpH_6IMumqjEMKLScukF5QBepEc6GWRqsqndPEEp-b4nOcgk3K1tYbsnzsaKxx1ZPamWi105mydBD6Gon4_Y4o608GsBDH4BChzuXen6mIb1HX9sYRyo7tegb0jJrOpfsWNiFoi-AhsLGbke-Rj7rsz_3E
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 19 Feb 2022 17:29:31 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Feb 2022 17:29:31 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 463B 		74 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWGCO-BsDqXmtnv0Hbh55Ggxzd24rhmGCHi9Dkai2wPoW1K8wFaFxmDfJEzyoi34CeyO72P9sh4mToMsqNqP9P1LMi0AxxzGL_ZCbxNih3AhdE40ARGIHib9VLPXt5DJ74_Jp3YSIya6ponEicd4BVcXHBhg&dbm_d=AKAmf-Dv_5mOR2xTxrwCfMj8wzmlEmJlGk9tQ_zSMbWpWSH8hTZdt7RMRe66v4eqlyMmOaErapA3A8RiU1ks1KZrqFBqKckivaXcJMJ-vBVwLPcCHH1TZF8QJBtp_IAd_Cqa9dGIaTYNs7fZPtwbDQjUANjeusSKeoadVALIsPreT1yUCV_oPP2l-c5q8fkEYF5ALWbCA6h5rCHqEJmalYlkEXehcpo3sSKWD3grcztqPGn1DPz8rLsrUv33Ygm448JKIST9gVdemJeJqUES5OYptNfACO9X1jr9C37KjPpplDkJoZZqUi-srgLeoi3Uba5r7ZKFJc0HnKRa3ckwag820RPoM1nZ_B0VMPCkrfF4ZNieu_Cm5XMtLpkN1DrboivPLo8HE0hpcyBKeCLe3jkxlaVT_DIuqLaF23K_P9q6hdMBbqsbdbYUuhDGusX9jp8kN6G2qptpJ0fUJ1ZH18epviOCGT4p8kIy6Tw1WyngVAahYIXjNc1fD_syNLCOI5wfHyPgABtVZRPWajXUC3NrF0LX2ltVbxM2l6kyi4uTe3jZDQMP_iN2XQefAZiv6BOBJQkhvnCWhbbxyqYsa8lyJ3YApecWNiI6gPEzEvavxhlWk0FM_f-tcS-Sc36SrLPC0RGyVza-kolr4h_WdQRN22yNcws6T4JSyUZdCoy9H1XRHK18kECxYWBlxk9Tpu7LE6j2hEYYsUT0OkSd_jgSG2JGGHdYybUv9d88Eev-iRDcpjwjPYn3UgiQLn0Qwih5Bflt_M6zaNPvp1XlGdhO-luHejpsTy6QTKzipStKMLMdh9F9Z8LISDM1p_k00IE1H_4iJL90dOLqfzUzs8NGtbIfCBRfIaYtSpzB3Y6FWjxbtEtLrQTiNoUDaCKh3RiNq-OL8LvhjbTmL-yxMNJS_K7YcEjs8NR_tSgbi7wdellYPBmCxSVuWUH533Wlvmf9KWHgRfH-Tn0xg5uDupBGeibFnDiCRd5IEADuT_p9qlSh1plb8LNatgjWX5KRyEGF6FBTjj6m2yhByYEb9b-awbmSMluSWbtIvKkT533swUsUL5eDBZ66pzdYz3ay_jZvoqj1x4G19_XcC26oEIuScItHyceS-5w1x1_EDkWqlFo29YQolXbCxmuRLKN1OkOWU4Vx429FeLgaKZ7MjoV2lChJokOM3_8_R0HNSNqimG1mEfp-VOyzbxU_FXNY2R5Tl4A8d1ppfhfeUZqVLt2HrnnUC-w_Uzp8bfjUSE4JxblWoeuhh0CP07esygeMpxjAyIQU2JWpY0w7sbavkZiTA73zkb1EbfrmVTnxk_0YK8KX3nHrkHKH5tVJ3urlj_-CGEVGiaBmRVSF53IrX_GX5M4QVOtcb9-R0YmkmBtZN5Qt-PA_W8tq0qBooraYRgK2tUXQSC_k8dR_fe74R67oyFc7kkOpK_o_EvyoXEbqtmDzcOPmLUELKbaAnBrlEuZnLrTNcu2LTxYGsCl0zHNH62oaP-rcbCV7zZb6066YZYLTP5qjpJhpRd14kvIXUnEfMrwKI4UA1Vkp7pwMAmRMS3wsolP8rvePfKjFtcZgFPDPMwFfGio-Jg2bUs3SAJhvKVFdeZmxGX6q3AwMPGGNMjytV7MbWEyvdw0FaphEu0-piP7A6u3zOBV-nqJIgYqbYO8cKgH2rrKrm02oqKQBLupVIk_xNcQ17NTaRqs8C6nQWYiIqTnenFoDl_beebmp0XBrC-bLfzBbCa0htB8gtMtk1oVe_6QSU8MkV2fiqksMo473sTmmJsxWgSGQEfjA661KRAw_YmEnf4Xs3CvA8Se9cblRmM8htk5KQBIzyHkugXvOVQyWOMEuECxqj3MbiyEZHEqRG9dbc9SZDOmGaRMlfFyS4xTJMdRzp96f7iP2b0EcIPKSPDXwPhw0wTomrUTsylk_MY0n9V14rnXR5iSBwGCDMPDPgRiSUs1E09EfxpghhngnBN0gxTYy5aSoK9235ohJMtWtEzJDYyyX8Y5PD5xptU30iKyNE0fuSEmgEVVWPD4PM9oKay0G2SdaRhLkNZUmzFs0xp2eMZ6Xvw7R8mM2d4-R1NQdyccPnW139MZVlnhOcyh1F_D1kxkCXot_5bqtOIcvO5THJdn6_wHjOn9820U0SD1hZubAaviHVfOVZ1XncSQo3cf4FjDxUHnMgjTcJbUAz2h7rYpyPtDlIIv7qVUvpYiblp2Y0nkgmnry5cMmX2Tb6VjQjKCAQHqA6uIcG6gfpalIr7fGOiFTJnFT-eeRcKynandY6swDnz_7ZtdpE-_F9XmzTdh0_y90lmT2mKtx__XPhpEJcG3TYB-37vRIlbs-ZRWVkfcA6c87yi_Li7HpgRnQFicJQWkDc44fM0AzRIGCe_GGuzflFFCOIygN9XB4MW4jUGZYi81IOr1YabC2TAI-zhs-isDo3HFLlPd1NN3xxzEmhW3MRNLd0yiFZAT34jtRqDMai5crtjBThVh2o6BzvVr_GzhbmkwKTsasxHJT1fLHvJ1iuxQb9QITmiC_pgV90OmckIJr-UFl-8mLVg56JPXJ2Ec5BAAKmJBbs8XsXWuPaek_muc5oLxnfKyuxc0tlZR6QQ_hb-HsFvAuEfmJIGGVi98-377Id2yc7COCF0PGw3ki4c-ua5sA7ZdaP7db_mO_WVWmEwr1lF5PbRXYqiLB7eQJ5-07AR-KnigeepBSu7IEXze2MZ-QH5xgVhTjOi5gJZIQOfpz8WIjVq0Ll7El17sBFOQ22yJL55IKRWySUkdECY6-sGrGHAe0rp36bSBv17X7kTL-ZB1Tf7ndXnexUUUolgRAyNgXQFQkjFCwmNFCeJtcF6fMu5ZNWfP9Nwj-3v8KuhYh9Desa-8eKud0BrTL3c9tn30Y8EzN-xPcmVcXBQkAjAGvuwruwwXIhxbqiADjpZZ7GMHo5uL19k254EV1UuC7v3V7T689y46FEZt2K49pGCzK8XbfPuWJgkWoQ92g9oSxiy9LpnWCSVrcYhyLeAZv6OdkA0_jY9Ptx2fDqrww-H9Mfx9TwMw5uPLfFY8-OvkliN-vcARNMK-b3h8HGlm_vPQs5vXmzzf8OkujgwqjhueG4DqdgtdSkYZyh72gD6zaRBfkGGw2dmNioO8f3ef8fv45C1LOhd-mzu9MT97szDzF73yg-VXWl1MhCvwMtXBMD8XaA4fMkZ4tUI2uaRxliAyTPNycFP9GjSoodLuvX_ICVXdGLIlKgFd-O_BQT4vOt-sqOJjZFguPDQ2gSuYR-BysunkSE9LMQtFNMrm7P1_QovMr8WvVmLKB-8xPIRmiINcPhFHl911BHrNWJCeyUwOpNXwqmE7SBJoHBqOYH6y_fkuaWX3wh3jcwYjIdVPgIJ4PMSQZU0dK97Nga6jN&cid=CAASFeRozaivdJrIj0TMJOjIobi_O9bGBA&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c7d27d48825d75ae0cea399a848db8f299760cd16b75a9a1d49998adac675a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31921
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 463B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG96lpR_8ajSx3Dt9at68mtWguhRjAY-431X6bctXJpL-JYUrzOEH4q6P584Z5HgVW0Rs6G9GyQZ1II56H-6PtrQ7yIVyaLmb8_3vIbIh9WM45GNU
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 463B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:27:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 463B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:29:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 463B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:26:49 GMT
l
www.google.com/ads/measurement/ Frame 463B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfh3VIPv0XhHbxSNHfpysCZ46l_BGRq2eUgXLmcWUU-M8VfC0EWgBJYFi7OHmLGMir3NOvoEhHxJtNEe8DiqXPkDwxVQ
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
counter
top-fwz1.mail.ru/ Frame 3530 		43 B
989 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2685520;u=https%3A//www.finanz.ru/;r=http%3A//admtax.ru/;st=1645291771523;pid=0;title=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE...;s=1600*1200;vp=320*216;touch=0;hds=1;frame=1;flash=;sid=5714be93b8939aec;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9//4g/0/0/;lvid=1645291771723%3A1645291771727%3A1%3A774a1b8020f46f837e2ee57bcb77b692;visible=true;_=0.34167817791897925
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://vk.com
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://vk.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://vk.com
access-control-allow-headers
*
rum
dsum-sec.casalemedia.com/ Frame 2A57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNX1DBCBYOYOAXNZkZUEOedGmFqvLOfISBZo4HZRtAluc1uzYQLW8Xk_gSRl5L50P96McP1wgDmTFgsp42S7iUSEEiIZEWNnwsSuDf9l-2FiZKb1GF5V7UfQyBKq4KAvs5a0hRecT2jGP_0AE5LIDKxtcfe8GkwxmnR3I_3tnSU_nYj9ozc
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 17:29:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2A57
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhEo.ymEOrOohAr7EYs3TQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNX1DBCBYOYOAXNZkZUEOedGmFqvLOfISBZo4HZRtAluc1uzYQLW8Xk_gSRl5L50P96McP1wgDmTFgsp42S7iUSEEiIZEWNnwsSuDf9l-2FiZKb1GF5V7UfQyBKq4KAvs5a0hRecT2jGP_0AE5LIDKxtcfe8GkwxmnR3I_3tnSU_nYj9ozc
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 17:29:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2A57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNX1DBCBYOYOAXNZkZUEOedGmFqvLOfISBZo4HZRtAluc1uzYQLW8Xk_gSRl5L50P96McP1wgDmTFgsp42S7iUSEEiIZEWNnwsSuDf9l-2FiZKb1GF5V7UfQyBKq4KAvs5a0hRecT2jGP_0AE5LIDKxtcfe8GkwxmnR3I_3tnSU_nYj9ozc
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2744fd9c-6a2c-42d7-bf93-d1a36e6ee6f2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A57
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4OTE3NTUwMDE5MjU3NzAxNQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4OTE3NTUwMDE5MjU3NzAxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNX1DBCBYOYOAXNZkZUEOedGmFqvLOfISBZo4HZRtAluc1uzYQLW8Xk_gSRl5L50P96McP1wgDmTFgsp42S7iUSEEiIZEWNnwsSuDf9l-2FiZKb1GF5V7UfQyBKq4KAvs5a0hRecT2jGP_0AE5LIDKxtcfe8GkwxmnR3I_3tnSU_nYj9ozc
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2f4fb9ec-ad49-416d-889b-9b33669aca6e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4OTE3NTUwMDE5MjU3NzAxNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F31C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNWYErAKr6ggWSU29lSbLavjYX-mQI8L4PmUsLBhJIyx96RWvrUN2nnTLYxfy6PsbKX_BxsmcfVnNzvr0hkCku1ZNyoS7jlrZS2pGkyLc4SxTMdQXReBGNAwJjm727Wf8VL4bgosIw0MmbEsHWt9f59EtN2iw-y76QPT_7k6roKifgjYFPU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 17:29:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F31C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhEo.ymEOrOohAr7EYs3TQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNWYErAKr6ggWSU29lSbLavjYX-mQI8L4PmUsLBhJIyx96RWvrUN2nnTLYxfy6PsbKX_BxsmcfVnNzvr0hkCku1ZNyoS7jlrZS2pGkyLc4SxTMdQXReBGNAwJjm727Wf8VL4bgosIw0MmbEsHWt9f59EtN2iw-y76QPT_7k6roKifgjYFPU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 17:29:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOMI9QRc692xWxT3hGfaCU&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F31C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNWYErAKr6ggWSU29lSbLavjYX-mQI8L4PmUsLBhJIyx96RWvrUN2nnTLYxfy6PsbKX_BxsmcfVnNzvr0hkCku1ZNyoS7jlrZS2pGkyLc4SxTMdQXReBGNAwJjm727Wf8VL4bgosIw0MmbEsHWt9f59EtN2iw-y76QPT_7k6roKifgjYFPU
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a49fa451-d2aa-4b28-99fb-0d792d612e72
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFKZHHpIUguYFo44vULkaO8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F31C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjY4MTY2NjU4Mjc3MzQ0Ng%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjY4MTY2NjU4Mjc3MzQ0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNWYErAKr6ggWSU29lSbLavjYX-mQI8L4PmUsLBhJIyx96RWvrUN2nnTLYxfy6PsbKX_BxsmcfVnNzvr0hkCku1ZNyoS7jlrZS2pGkyLc4SxTMdQXReBGNAwJjm727Wf8VL4bgosIw0MmbEsHWt9f59EtN2iw-y76QPT_7k6roKifgjYFPU
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:31 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0d2bc1e7-cd3d-4d5b-8150-cc2d9c18b802
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjY4MTY2NjU4Mjc3MzQ0Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 72DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfHtztHWFoPsOYw2vkenec&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfHtztHWFoPsOYw2vkenec&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNXXiPNYPu5gCaouTz93RUltfy52vAbLHpIVOrw98mI69gobIFyGbL-gTCRWTdmxPf68EMdzwPYi9vXcwkyNCV9jwKR2qMTMOU6UfZx4N6CwK_FYkt8Gg2h0sZybjvNdwHHt06F9kv6yw0bJj60hsISJxB0Kn5czWDlv-jIrNtVdaDS1b3I
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfHtztHWFoPsOYw2vkenec&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 72DA 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNXXiPNYPu5gCaouTz93RUltfy52vAbLHpIVOrw98mI69gobIFyGbL-gTCRWTdmxPf68EMdzwPYi9vXcwkyNCV9jwKR2qMTMOU6UfZx4N6CwK_FYkt8Gg2h0sZybjvNdwHHt06F9kv6yw0bJj60hsISJxB0Kn5czWDlv-jIrNtVdaDS1b3I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 72DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA7BtmjIZyf_V_UhYh1eaSg&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA7BtmjIZyf_V_UhYh1eaSg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNXXiPNYPu5gCaouTz93RUltfy52vAbLHpIVOrw98mI69gobIFyGbL-gTCRWTdmxPf68EMdzwPYi9vXcwkyNCV9jwKR2qMTMOU6UfZx4N6CwK_FYkt8Gg2h0sZybjvNdwHHt06F9kv6yw0bJj60hsISJxB0Kn5czWDlv-jIrNtVdaDS1b3I
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 19 Feb 2022 17:29:31 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEA7BtmjIZyf_V_UhYh1eaSg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 72DA 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiqhu_AATAB&v=APEucNXXiPNYPu5gCaouTz93RUltfy52vAbLHpIVOrw98mI69gobIFyGbL-gTCRWTdmxPf68EMdzwPYi9vXcwkyNCV9jwKR2qMTMOU6UfZx4N6CwK_FYkt8Gg2h0sZybjvNdwHHt06F9kv6yw0bJj60hsISJxB0Kn5czWDlv-jIrNtVdaDS1b3I
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 19 Feb 2022 17:29:31 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 8418
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAsvuOXLAlrKpBUrIUk6gJ0&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAsvuOXLAlrKpBUrIUk6gJ0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGJDp854BMAE&v=APEucNW933Si4FVusnfa3iIgiEgI1YpH_6IMumqjEMKLScukF5QBepEc6GWRqsqndPEEp-b4nOcgk3K1tYbsnzsaKxx1ZPamWi105mydBD6Gon4_Y4o608GsBDH4BChzuXen6mIb1HX9sYRyo7tegb0jJrOpfsWNiFoi-AhsLGbke-Rj7rsz_3E
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
118
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAsvuOXLAlrKpBUrIUk6gJ0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8418
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2Y5Y2M0YWMtOTFhOS0xMWVjLWIzYjYtMTg2Y2Q1NmUwMzA2
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2Y5Y2M0YWMtOTFhOS0xMWVjLWIzYjYtMTg2Y2Q1NmUwMzA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGJDp854BMAE&v=APEucNW933Si4FVusnfa3iIgiEgI1YpH_6IMumqjEMKLScukF5QBepEc6GWRqsqndPEEp-b4nOcgk3K1tYbsnzsaKxx1ZPamWi105mydBD6Gon4_Y4o608GsBDH4BChzuXen6mIb1HX9sYRyo7tegb0jJrOpfsWNiFoi-AhsLGbke-Rj7rsz_3E
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 19 Feb 2022 17:29:31 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2Y5Y2M0YWMtOTFhOS0xMWVjLWIzYjYtMTg2Y2Q1NmUwMzA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
115
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 8418 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGJDp854BMAE&v=APEucNW933Si4FVusnfa3iIgiEgI1YpH_6IMumqjEMKLScukF5QBepEc6GWRqsqndPEEp-b4nOcgk3K1tYbsnzsaKxx1ZPamWi105mydBD6Gon4_Y4o608GsBDH4BChzuXen6mIb1HX9sYRyo7tegb0jJrOpfsWNiFoi-AhsLGbke-Rj7rsz_3E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 4DA5 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
Origin
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Feb 2022 16:13:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 4DA5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-LEjwiS5nziyLG2P-u6KZUlcHg4p1NHO6TiXJEocfbGEV3sEVP94ToKhNlDdrGEeMnJZi1bZFlvL6q9QA2sYNGkpdSl7xVPFL0zCffr52Ua1VJhfWFMTd4RwWxXUeEbk3XEqYFDhNPBegPEOQTWmCG4XhPw&dbm_d=AKAmf-CQRq47HRBAKhuvPbJFy0FMLgygQARqXkovZJAARXzcgeWR5aQr6kIGc7luseiPLHrbv1Fi70PgE2vt2jZ9UEJwyWMDEpfzMMmHrKWB9DgOjhUTZPsNwUJrX6V2X9rN74uKwFIkRW4v2Dp1yoXgRT9cEqby4BnQClDx1SRMGun_lHmqA2MgGZT0H2Tb5TdeK29SLN6pw8Ey4gtTanE5R22AFgWqsXgdazSmCbDGxH8DMiugAx4HVwm93Wy42B5cAf8pLdyi0sgvVx0jBwd6cQAGTffw7JoMhG8IG4BGFWWVfVGag2Yj2hYthflAbvCPbLOPgIhmKJ9NMv5IMreiV-kGEnHNGT-ATBv8qW6u23pHs8vaPlLlMpgdQquQ2_Iri9HXW4oo81jFJbOJtdhD1XhFqeS0t8hcdq1vc09v8aTDFmb9aWHUmhuaNaI-YV4x9QwQqZigrP7s05E6bMFP6I40H-eNZoeXK0it8HsZQfGEfI_3X7203PgYcE_J3xRWBG1Ppq9IROKvD5oe6ZtvhpChke3KVVFPLBl7FaJd3oS6eQygabEvKtBuXadfun4LA77N49YGr5-BN80qe25t4578fUljDq7AhIZqSS3QPohrPdugyelq20uB9j8gS3GvBKaHJWr_HS0cAZwqKKnr8G3RHaam2LKXsD6RJ6ZCe6wE-p48EYIqlZJY9v1mxx3jFaQOjZWZavRLFPfPdabOjHLXM4e0ZJjpUHp7Gas9E10DGxVT1PtwyCfihOQ2x9yDbVfWgnC0b80blnfmT6bpQP4zV_NSMXZ0MMWfcOobuxzdZcCkDHq4IS11vjnv0Y-U7d0fgvyNjinYvCrNkxauJF0VrqIZPWW45_jP40t-Zw3XListbd1KP3-FkR_pRGe-eV5b95Xi1X4CcN2YUVapEf99DJjeXHEhVRds8jn_FQpMBiBmDLaaIPpUs0Ynp8ILoyr8Z5Pg1kZVOV32bm_gqnCD6__bjt_MAdOOjRk8XnRotViVFENNq9zqZESQ3X9WlWHU2a_mt7MRIntcey2WSFA-D2KQ2vIVJ44luS9gedR0ZvazIGyxM-BtTlgqGmTVUqT9ux4qYuLiB8bjn7LkAuRR5Am5Su0-w_Fgz5ngyn9FbRlIXnv8GsZADtKPZlWNVkh1m39QiuuOsSLtadPSyppvdBK7eI8fHQWb4dybgUhWJKV4g7VWapxqb-q0bVEmfq1fKqZGHjUIxVCLVFAAtItIa2brXYKeR6ektXkjdM5rJKUX-ffm1J0yvxStfCFTM_0aoMFUaG53p0giqDqq2B6k6jAz38lItuzQ5kLXjDy6S3aCTNqAcqebGcpW6iU2c_0Dz50De-N23on28xqPz8Aoy2A9Dphwzgoo9GzWQIP28P-TUAwCuU2BksWuomcGbnGDYQkI3XiE_Lj_d9IHuEEg5pvtZyHZjiLSDL4MkTNiXbjJYXFOoD3-rnF-xWfsRyIzmGDWf86w6M83JoQhgBMqbvCnCzzkrJYZvra_0HiWLwrF-6v7wp3zWKwkKQHIbIMA_RKBCMAyb09vkCewt_TQafmpLIVevIJUSIa8S29Bzbd-SLf2rWCBL9K1s3BQtklw9C88fixtUBZyHJeX61XSw7F51H1juIs_qxtaWGFQHZa_xtg39riVrTvPG9SaqQHt4xwHORWsTpHZFhUXezQ0NkiTODI8ZkqrzN6OQT8UgvsmbX9x26isZ33XMgGVrkwsJs5dB27bBdOZPI4Z_yGlzA4V8WxRzYQplnT3hUM-hh34HRzOPBIYpgVBuI5jVDMMkb85Sptqf4mIJGwaSRQnESj2NruGq8KMSrI1xMxtILY88Ic400V-by5zgN8iIqhm0nm9VLa1x61dFyV7_69GI0XK5QjVszCewlAYBKVIVrKsV5_XyWT74pQzZxPiVpdPvVyehqnnChkP1j1mcRfnysxfRhsoLCId-FF6BYCsg2iHLQVll4lSRgRBOsQOblbhmHJXGKVpBmIRdccnGGT1dHr80uQ-3QIeV42y2tSuMPs4vYHI8X0QX9T7NcdXX4pfw3Bba7sJhiv6hj9tn9iilYKse3Q647SghEd44_Yg7nkpwzbUKOX6SXEKVm92ajmHMfXCmfB92z7Hq3AhiG6ADDc4DidOZOqhF8WXyiG9d_RdWN_ne__YHHL2UA5KgbIAyoXjiZas7QALGcXm1PwZEgLYVIVAETxChfYxClrM3eiKAXb5fLqVYtTvA4lEAMykehIOMXpCKwh7oFI_Q6zPVQyqHwFnqEG_y63Z62vtOArq_ldHDWfOImCrMHJ0SZfYB_uXxZ0Bn0roNK6PGNdN8K2wmBGzHPmG-4RO5pYCMpVcOrTBg9USMuABBbn734YZvds8qSIGKULSRH1pBhdcZU0djfBjJ1mUPrWtXvMeD6rpi902vDLh38i9rIww11jJcKQRuhrPBHvV6NWMPyA9n39ZyeCVS6rBU7xBLfqOtAAwvonl1Qq-ukUIvtzfp0o8kr10B-N0J5nUGxxYXJhSjKrpm-i8JGWY8olGTUgi9Mj3w814F8OkHDBN3S0QX51GUouebbPHHX2ltz6tV_PRiwfiw7xjFQgnrNIrIbGPq10iVTrP023DzMz_kTH3Bp3Hp2YliTnI42yJeWJ5Ka7m5IrXWrhrssbEmL5tsvckpM3Ifw0c3g6s1V-hgxfSRrKaLvFOmZqYo341QQbz34YVHnVTE0_lbwYZPY5DVH7g3hciEF5SXZWx7zoepM5kLo4yuBayOV0D1kOkye1hqRX6tLKJOy2XKMrRLYotfeEVIO8Ktd3wUq02IuyyjotSF5IC2a7z_32TBaVM7hCxSJGv1xPVxZeFLNE5RyLh6JSH520oH9R80EuUl_DrvZJnYD4DB6DEjaekuEDD_StIBipOyavLzomcWkSLbesC047n4mZ1gviH5NAH4mx5zRo2141EffPdhIZFwpbQdx8d4lKAJZ3WgJh34yhCgLx3edG16PbbMWCzo8InKt6WTiD_nlZjzxBzYZhsf2C4Ww7rkDXLgguKgsYIBBbxmGGBs27BgR_ryJ4u26gmaYYnW668IUz7WgRCKbujTQpdv1XIuQJ1j-Ew9C-VmOkQF27WOQ9G5LomLrVxiBmQzGEIZy1HBE_hcJQhSu1lS-8ui9F4Ij1hKWiNLl6t4R7G6buzxvZ4ThDnFHZzFCyBmwj4BpATzD5RkGtQEA5Q3hAQAwyu4oSGCVy2dQjY-k3I03GOnynQtcniofYU5TUQ-674McrzyKKf-fHGQ3ofzzYPBFfSdecIL0zwU4utQWNpSZahhjHbhTzOigIfMMt6cEpVCNqasnZu2wmSGYjVh1qhvPhOKcpbyR2JVsa0VzvZTzAYxLaDcRkXo1A&cid=CAASFeRoVXcMBTgOdNGECp5hMbqZ8LaTZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:23:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 4DA5 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-LEjwiS5nziyLG2P-u6KZUlcHg4p1NHO6TiXJEocfbGEV3sEVP94ToKhNlDdrGEeMnJZi1bZFlvL6q9QA2sYNGkpdSl7xVPFL0zCffr52Ua1VJhfWFMTd4RwWxXUeEbk3XEqYFDhNPBegPEOQTWmCG4XhPw&dbm_d=AKAmf-CQRq47HRBAKhuvPbJFy0FMLgygQARqXkovZJAARXzcgeWR5aQr6kIGc7luseiPLHrbv1Fi70PgE2vt2jZ9UEJwyWMDEpfzMMmHrKWB9DgOjhUTZPsNwUJrX6V2X9rN74uKwFIkRW4v2Dp1yoXgRT9cEqby4BnQClDx1SRMGun_lHmqA2MgGZT0H2Tb5TdeK29SLN6pw8Ey4gtTanE5R22AFgWqsXgdazSmCbDGxH8DMiugAx4HVwm93Wy42B5cAf8pLdyi0sgvVx0jBwd6cQAGTffw7JoMhG8IG4BGFWWVfVGag2Yj2hYthflAbvCPbLOPgIhmKJ9NMv5IMreiV-kGEnHNGT-ATBv8qW6u23pHs8vaPlLlMpgdQquQ2_Iri9HXW4oo81jFJbOJtdhD1XhFqeS0t8hcdq1vc09v8aTDFmb9aWHUmhuaNaI-YV4x9QwQqZigrP7s05E6bMFP6I40H-eNZoeXK0it8HsZQfGEfI_3X7203PgYcE_J3xRWBG1Ppq9IROKvD5oe6ZtvhpChke3KVVFPLBl7FaJd3oS6eQygabEvKtBuXadfun4LA77N49YGr5-BN80qe25t4578fUljDq7AhIZqSS3QPohrPdugyelq20uB9j8gS3GvBKaHJWr_HS0cAZwqKKnr8G3RHaam2LKXsD6RJ6ZCe6wE-p48EYIqlZJY9v1mxx3jFaQOjZWZavRLFPfPdabOjHLXM4e0ZJjpUHp7Gas9E10DGxVT1PtwyCfihOQ2x9yDbVfWgnC0b80blnfmT6bpQP4zV_NSMXZ0MMWfcOobuxzdZcCkDHq4IS11vjnv0Y-U7d0fgvyNjinYvCrNkxauJF0VrqIZPWW45_jP40t-Zw3XListbd1KP3-FkR_pRGe-eV5b95Xi1X4CcN2YUVapEf99DJjeXHEhVRds8jn_FQpMBiBmDLaaIPpUs0Ynp8ILoyr8Z5Pg1kZVOV32bm_gqnCD6__bjt_MAdOOjRk8XnRotViVFENNq9zqZESQ3X9WlWHU2a_mt7MRIntcey2WSFA-D2KQ2vIVJ44luS9gedR0ZvazIGyxM-BtTlgqGmTVUqT9ux4qYuLiB8bjn7LkAuRR5Am5Su0-w_Fgz5ngyn9FbRlIXnv8GsZADtKPZlWNVkh1m39QiuuOsSLtadPSyppvdBK7eI8fHQWb4dybgUhWJKV4g7VWapxqb-q0bVEmfq1fKqZGHjUIxVCLVFAAtItIa2brXYKeR6ektXkjdM5rJKUX-ffm1J0yvxStfCFTM_0aoMFUaG53p0giqDqq2B6k6jAz38lItuzQ5kLXjDy6S3aCTNqAcqebGcpW6iU2c_0Dz50De-N23on28xqPz8Aoy2A9Dphwzgoo9GzWQIP28P-TUAwCuU2BksWuomcGbnGDYQkI3XiE_Lj_d9IHuEEg5pvtZyHZjiLSDL4MkTNiXbjJYXFOoD3-rnF-xWfsRyIzmGDWf86w6M83JoQhgBMqbvCnCzzkrJYZvra_0HiWLwrF-6v7wp3zWKwkKQHIbIMA_RKBCMAyb09vkCewt_TQafmpLIVevIJUSIa8S29Bzbd-SLf2rWCBL9K1s3BQtklw9C88fixtUBZyHJeX61XSw7F51H1juIs_qxtaWGFQHZa_xtg39riVrTvPG9SaqQHt4xwHORWsTpHZFhUXezQ0NkiTODI8ZkqrzN6OQT8UgvsmbX9x26isZ33XMgGVrkwsJs5dB27bBdOZPI4Z_yGlzA4V8WxRzYQplnT3hUM-hh34HRzOPBIYpgVBuI5jVDMMkb85Sptqf4mIJGwaSRQnESj2NruGq8KMSrI1xMxtILY88Ic400V-by5zgN8iIqhm0nm9VLa1x61dFyV7_69GI0XK5QjVszCewlAYBKVIVrKsV5_XyWT74pQzZxPiVpdPvVyehqnnChkP1j1mcRfnysxfRhsoLCId-FF6BYCsg2iHLQVll4lSRgRBOsQOblbhmHJXGKVpBmIRdccnGGT1dHr80uQ-3QIeV42y2tSuMPs4vYHI8X0QX9T7NcdXX4pfw3Bba7sJhiv6hj9tn9iilYKse3Q647SghEd44_Yg7nkpwzbUKOX6SXEKVm92ajmHMfXCmfB92z7Hq3AhiG6ADDc4DidOZOqhF8WXyiG9d_RdWN_ne__YHHL2UA5KgbIAyoXjiZas7QALGcXm1PwZEgLYVIVAETxChfYxClrM3eiKAXb5fLqVYtTvA4lEAMykehIOMXpCKwh7oFI_Q6zPVQyqHwFnqEG_y63Z62vtOArq_ldHDWfOImCrMHJ0SZfYB_uXxZ0Bn0roNK6PGNdN8K2wmBGzHPmG-4RO5pYCMpVcOrTBg9USMuABBbn734YZvds8qSIGKULSRH1pBhdcZU0djfBjJ1mUPrWtXvMeD6rpi902vDLh38i9rIww11jJcKQRuhrPBHvV6NWMPyA9n39ZyeCVS6rBU7xBLfqOtAAwvonl1Qq-ukUIvtzfp0o8kr10B-N0J5nUGxxYXJhSjKrpm-i8JGWY8olGTUgi9Mj3w814F8OkHDBN3S0QX51GUouebbPHHX2ltz6tV_PRiwfiw7xjFQgnrNIrIbGPq10iVTrP023DzMz_kTH3Bp3Hp2YliTnI42yJeWJ5Ka7m5IrXWrhrssbEmL5tsvckpM3Ifw0c3g6s1V-hgxfSRrKaLvFOmZqYo341QQbz34YVHnVTE0_lbwYZPY5DVH7g3hciEF5SXZWx7zoepM5kLo4yuBayOV0D1kOkye1hqRX6tLKJOy2XKMrRLYotfeEVIO8Ktd3wUq02IuyyjotSF5IC2a7z_32TBaVM7hCxSJGv1xPVxZeFLNE5RyLh6JSH520oH9R80EuUl_DrvZJnYD4DB6DEjaekuEDD_StIBipOyavLzomcWkSLbesC047n4mZ1gviH5NAH4mx5zRo2141EffPdhIZFwpbQdx8d4lKAJZ3WgJh34yhCgLx3edG16PbbMWCzo8InKt6WTiD_nlZjzxBzYZhsf2C4Ww7rkDXLgguKgsYIBBbxmGGBs27BgR_ryJ4u26gmaYYnW668IUz7WgRCKbujTQpdv1XIuQJ1j-Ew9C-VmOkQF27WOQ9G5LomLrVxiBmQzGEIZy1HBE_hcJQhSu1lS-8ui9F4Ij1hKWiNLl6t4R7G6buzxvZ4ThDnFHZzFCyBmwj4BpATzD5RkGtQEA5Q3hAQAwyu4oSGCVy2dQjY-k3I03GOnynQtcniofYU5TUQ-674McrzyKKf-fHGQ3ofzzYPBFfSdecIL0zwU4utQWNpSZahhjHbhTzOigIfMMt6cEpVCNqasnZu2wmSGYjVh1qhvPhOKcpbyR2JVsa0VzvZTzAYxLaDcRkXo1A&cid=CAASFeRoVXcMBTgOdNGECp5hMbqZ8LaTZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:28:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:28:12 GMT
t
t.lkqd.net/ Frame E477 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:31 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:31 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame B46C 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdqlFdYBEr5NtrYB1cRoyT0IWF4cvbGFI0sYGEw43Wwdje3sIChgJl8hsuASqBd8uMDF8eU6NYczZ4fnB0XRrPphUaUKExD2kR9zqyJ7nYaa5nG57yMgTv4IJbkApiIX39O7ZPHLxhs2CzE5yjyKGSut77Ug&dbm_d=AKAmf-ArHufKDYkkmbmjG-0uJeQ2YtPXUrpjMUeRAjQluG6_d0eHrcTYXANM2oydQHcnzQZsgORF4IXopT56pzIV7oNdFc0HjroJLyBUi5L-kj3gHazlhzRX85mP4FNCuuIHFh8xUB6k_8kLokV-LMU8sNjBwNO8zICQWSUAyMDoglABtDygzeJ5xPa_CwAYHrshZ_lBYDEfy5YbR-Kgn9F7YRmQVfu7kaWc9Bjr-oICyM3boBDkpGLLeUMWTv3Zsw6DLbv7YkDjsZjfQSVyWQJkx5lEcZAY5RrIX2XzMWqPvks1PbVFvYS_r1JIT5S1fvvYidCuLRC6V1bOOnwVeBQMsztgXpdWXo60QAC465yVa1yJ4CIHLBduECxMhLefR1NER1W148ZnMPo3lJyVRrWbev-dQ_wJu_k07CL0B67-orA--aUu1SQqqZTt0dwD5hhF83is7jJUTOpMwROi0LDgUdMelwebaRj78yXozv0ywVZinR1CM-zKCOWFKhv-c29JiE5KPOOvfnHr5Vbi9LpiQ4txwcSQti9xBdx77kHSFUsQ7DeTwt5xVV-peSOtArGCXhZXW-We7NwSQp5A6oGfe0jSydPkGMVc-B_QK3rv4u0J0DsSgUhcw7At_ar-57M5sQDfHknz-e_zmiEca7d7R_pazYNTVMwUALkMo1RvaAN7mhC7DgzRqTi3DKYndqN8knqX2jhStrjsoExBoj6uMd5AfiQdNinTb03amzP5rAcYn6Q1I5boq0kSMZE7lEXrOOlFLcdYyAX2WGp72aME2WCaXZ8rFNfYlqyPzczhLxcVsT_ntmrIrcOcMdp4S-gssoYSMqbkJKlx9eYUVQVjhMzaM-ghxOdO4D56pd4EynC_ug_Ge5MnIDLm5Tl_MnQ4jDt3KQ1Du3wifKcrC243IXv4lvfGGmL_SjMkDuwBEk_0RcVrQdBiPDmj5p3b-EzghHB5c2Jpolxb0rgnWwVt9jaoy3r5Od-YaAGFWX8fxhzYboLDyvLsKXgsrG45u0yOMLRPkqFmNhohN7E38-efJttiAZ-BMyVPLs1zTYJnSeg_-Zxbam-KmZRlY5OuVJmiHBenidSBFK69LF5Ak39ZXDwAx-5e6yKN7HGM_dXqmT_xOphOmgKzgd6S6kS06HPFMuIGBp-yAKvByctOY0O3ZK_iwiSXSuBLDD3Nc42vA9tWUADSZgvQ96RshOfNcpG6p9mDpHT_Lzah6WDrCfjJz_g4x50AjjJgzjZK7DqPxvp4vrvr51h3ladTUCAmMxSDbtA_S2699AjYPckA7ar4Igbg1w6jCjbJQupHcIOWUK-cwesUIUKiPf7_OuptPy5grbpqGR5a0g6JUspgl8e8z3BkMqWy032nk7orBzkUrxAUe9eakPhhCqbWf930xY9twiu7ah8MCV5EMtOAWuO1iBzuwPqWuGX05ib4nQQNG2XKBjFWIEsIUll7Q_3PtCp_hptaLkbBJtkSu4tWo1a2PvyqpOsx_7DFvp1ZQxYvPESaLrA0ouN1WLtk_Ndq_6DKHy03VrB14YnPgZc9b3Ip9V3JEpfVqwWaXW6-ir20b3HMNc0iirFSUZpYlam8FJwZK-Bp6cFIkjh2vG4IPjZ5FWnqzKuqmoRzFIra6M8Q0Zb1Xhdel8uSQApf-rC7bPVbMvdCPg9WS6w7vbu3UrLSTZo60O1dVoyqCmHGNLJzj9kiJwZ6lOFcS1R4WENV7n1mfY3kwZBmb9V_SOwWZ1tlNCyOi4dDavPF2Lgg6jbC6kYF7AhEoxlFUaBMPGx-X6Xq6tctcgUaVfyMza4UR4cnJCUIzilGIeD8qDlyiHBuH-xdspgM7H94pc1buHEigKhhfDaRooODzG_NBiBZmiOklsRdMuSfOjtnh7dGYkyj0ipzXfvuMxKCYq7L4BkBRlUqqR7tvwYlYmYRqL83KxT50l6AtSjaxAQgkGh4wGv5VfSmRC8Z7XShr4k4S5DDd3Y7guCVK24ifbgdN8_X1qgox5oVaQU8o0dQPOtkIQdHuT_0ttMP-RjF6s2EN2oJ0Omg_-qrtm04fygm51Nyef0fwpR6fCiSVpjDBnOMu6qUOb66aahYKIqfN-wUigdb2A6RpCFaKWU4To-zfuO7T8QKOz8HrsilGeCTqaeIizp_sN6UPtQLMVxQP5HrkoCuNCwHN50k9qAOnfvlXNmiS0ZcM9I8twlzZtwjiouoFgD0VBLldmwupM55DUqJM_qiICUlxgWwQ7W4gy48-t1n6gWaLeHrV51mLZc_Bu2aZa-e126oZ3sQhfmyyfBS2dDeZgTDdjzbVJIlRrD5bEQV7BTpRk-OR9L3KDKgOXf4EFmcwZWV4cFcV2dLsL-ND0KmG5e1ioQtFdaOqHnqzfZpjPgbPbmRL87TmmaMW14qmxIH6r4ILBZaroBKdt7ksP7cgDxytUY82kYRCsYP9aK7aLLP05_OvJBt93Sp1Bl52SiGW7IRpCoz_VwzUp7E1zKIYn5XD8bwhRo2Oi7-I_vPopf0H9Agxa-oG6f_mZdmHBhvnPCY20KfzG47holsMkCD2tCUhI1YJY8OdOl0L5RL7EStNVO3yPCy9E9FYIly_eY0Zu3NVNoHd3ymawj-hjM2Xp4HOekEveMkSfFVR6MJMWG0Z0EN_DVUMTY9O9Cl7gMWAG-yHfCfzot9yDIlKOZ6q6Pp6-7nMNHqjf3uyD9OjKK4zSbzWVhKm3__TXb3hccpkkWDsKLdViFqKeaCCUptEsPMpNpB1UU_3Jt8j_loVbGhbRgzpo7vSJZsGFaoTISDldH5gJ5tXLKIJAGypkbga_wjASYcVk55crOdRE35dceVAPRxvTqMnwAQyRBXnWW2Hhr68tQPDUxUS-K-O-FShAkoPON9ChftEZZe6njSUq2bu4e3AI93e9nYal0abCETAmPHV0333DR8YwTrNBpsdIqtTTeujVCiZaRx6WgfINAkgJoxSbl8wZxGpKo8psX3P4oXt9EbFdKTK5EEP9nm5YhhpZVJOWajgc_6aRX7fEms_eyPw24Z2ENjQ-iIPrkG-p9YPZul3E1VrLhQZjmv-Ybj2bUiMmXQO7Kru8A98q2D9-47eLLoU669bH5OrUAhFCQcc-G4ZRCpL4_Dr2x94WXv60zdKshsJ3Pttvu9vAP-CMv8Wgc_ssLLTdNT5trLSaiArBJmeIEbI331xD8prbWbIse2zabJMLbu3FMkUf7ukKLi9IcM9HGIVaEXxf3jlZDz_pIavaIx5JYam4TGxZDaMHQXJnVkGmeVbZM0DigPZVFxNspS-ogNWuHOQ25G5rl5scN3xwJvtqYAc8uo0s_u1Frfz5ei2HzSNjMQzo96U7yFovMfUg&cid=CAASFeRo-A8eUaQSb7Ma8dafUmkm7L0PAQ&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:28:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:28:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame B46C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdqlFdYBEr5NtrYB1cRoyT0IWF4cvbGFI0sYGEw43Wwdje3sIChgJl8hsuASqBd8uMDF8eU6NYczZ4fnB0XRrPphUaUKExD2kR9zqyJ7nYaa5nG57yMgTv4IJbkApiIX39O7ZPHLxhs2CzE5yjyKGSut77Ug&dbm_d=AKAmf-ArHufKDYkkmbmjG-0uJeQ2YtPXUrpjMUeRAjQluG6_d0eHrcTYXANM2oydQHcnzQZsgORF4IXopT56pzIV7oNdFc0HjroJLyBUi5L-kj3gHazlhzRX85mP4FNCuuIHFh8xUB6k_8kLokV-LMU8sNjBwNO8zICQWSUAyMDoglABtDygzeJ5xPa_CwAYHrshZ_lBYDEfy5YbR-Kgn9F7YRmQVfu7kaWc9Bjr-oICyM3boBDkpGLLeUMWTv3Zsw6DLbv7YkDjsZjfQSVyWQJkx5lEcZAY5RrIX2XzMWqPvks1PbVFvYS_r1JIT5S1fvvYidCuLRC6V1bOOnwVeBQMsztgXpdWXo60QAC465yVa1yJ4CIHLBduECxMhLefR1NER1W148ZnMPo3lJyVRrWbev-dQ_wJu_k07CL0B67-orA--aUu1SQqqZTt0dwD5hhF83is7jJUTOpMwROi0LDgUdMelwebaRj78yXozv0ywVZinR1CM-zKCOWFKhv-c29JiE5KPOOvfnHr5Vbi9LpiQ4txwcSQti9xBdx77kHSFUsQ7DeTwt5xVV-peSOtArGCXhZXW-We7NwSQp5A6oGfe0jSydPkGMVc-B_QK3rv4u0J0DsSgUhcw7At_ar-57M5sQDfHknz-e_zmiEca7d7R_pazYNTVMwUALkMo1RvaAN7mhC7DgzRqTi3DKYndqN8knqX2jhStrjsoExBoj6uMd5AfiQdNinTb03amzP5rAcYn6Q1I5boq0kSMZE7lEXrOOlFLcdYyAX2WGp72aME2WCaXZ8rFNfYlqyPzczhLxcVsT_ntmrIrcOcMdp4S-gssoYSMqbkJKlx9eYUVQVjhMzaM-ghxOdO4D56pd4EynC_ug_Ge5MnIDLm5Tl_MnQ4jDt3KQ1Du3wifKcrC243IXv4lvfGGmL_SjMkDuwBEk_0RcVrQdBiPDmj5p3b-EzghHB5c2Jpolxb0rgnWwVt9jaoy3r5Od-YaAGFWX8fxhzYboLDyvLsKXgsrG45u0yOMLRPkqFmNhohN7E38-efJttiAZ-BMyVPLs1zTYJnSeg_-Zxbam-KmZRlY5OuVJmiHBenidSBFK69LF5Ak39ZXDwAx-5e6yKN7HGM_dXqmT_xOphOmgKzgd6S6kS06HPFMuIGBp-yAKvByctOY0O3ZK_iwiSXSuBLDD3Nc42vA9tWUADSZgvQ96RshOfNcpG6p9mDpHT_Lzah6WDrCfjJz_g4x50AjjJgzjZK7DqPxvp4vrvr51h3ladTUCAmMxSDbtA_S2699AjYPckA7ar4Igbg1w6jCjbJQupHcIOWUK-cwesUIUKiPf7_OuptPy5grbpqGR5a0g6JUspgl8e8z3BkMqWy032nk7orBzkUrxAUe9eakPhhCqbWf930xY9twiu7ah8MCV5EMtOAWuO1iBzuwPqWuGX05ib4nQQNG2XKBjFWIEsIUll7Q_3PtCp_hptaLkbBJtkSu4tWo1a2PvyqpOsx_7DFvp1ZQxYvPESaLrA0ouN1WLtk_Ndq_6DKHy03VrB14YnPgZc9b3Ip9V3JEpfVqwWaXW6-ir20b3HMNc0iirFSUZpYlam8FJwZK-Bp6cFIkjh2vG4IPjZ5FWnqzKuqmoRzFIra6M8Q0Zb1Xhdel8uSQApf-rC7bPVbMvdCPg9WS6w7vbu3UrLSTZo60O1dVoyqCmHGNLJzj9kiJwZ6lOFcS1R4WENV7n1mfY3kwZBmb9V_SOwWZ1tlNCyOi4dDavPF2Lgg6jbC6kYF7AhEoxlFUaBMPGx-X6Xq6tctcgUaVfyMza4UR4cnJCUIzilGIeD8qDlyiHBuH-xdspgM7H94pc1buHEigKhhfDaRooODzG_NBiBZmiOklsRdMuSfOjtnh7dGYkyj0ipzXfvuMxKCYq7L4BkBRlUqqR7tvwYlYmYRqL83KxT50l6AtSjaxAQgkGh4wGv5VfSmRC8Z7XShr4k4S5DDd3Y7guCVK24ifbgdN8_X1qgox5oVaQU8o0dQPOtkIQdHuT_0ttMP-RjF6s2EN2oJ0Omg_-qrtm04fygm51Nyef0fwpR6fCiSVpjDBnOMu6qUOb66aahYKIqfN-wUigdb2A6RpCFaKWU4To-zfuO7T8QKOz8HrsilGeCTqaeIizp_sN6UPtQLMVxQP5HrkoCuNCwHN50k9qAOnfvlXNmiS0ZcM9I8twlzZtwjiouoFgD0VBLldmwupM55DUqJM_qiICUlxgWwQ7W4gy48-t1n6gWaLeHrV51mLZc_Bu2aZa-e126oZ3sQhfmyyfBS2dDeZgTDdjzbVJIlRrD5bEQV7BTpRk-OR9L3KDKgOXf4EFmcwZWV4cFcV2dLsL-ND0KmG5e1ioQtFdaOqHnqzfZpjPgbPbmRL87TmmaMW14qmxIH6r4ILBZaroBKdt7ksP7cgDxytUY82kYRCsYP9aK7aLLP05_OvJBt93Sp1Bl52SiGW7IRpCoz_VwzUp7E1zKIYn5XD8bwhRo2Oi7-I_vPopf0H9Agxa-oG6f_mZdmHBhvnPCY20KfzG47holsMkCD2tCUhI1YJY8OdOl0L5RL7EStNVO3yPCy9E9FYIly_eY0Zu3NVNoHd3ymawj-hjM2Xp4HOekEveMkSfFVR6MJMWG0Z0EN_DVUMTY9O9Cl7gMWAG-yHfCfzot9yDIlKOZ6q6Pp6-7nMNHqjf3uyD9OjKK4zSbzWVhKm3__TXb3hccpkkWDsKLdViFqKeaCCUptEsPMpNpB1UU_3Jt8j_loVbGhbRgzpo7vSJZsGFaoTISDldH5gJ5tXLKIJAGypkbga_wjASYcVk55crOdRE35dceVAPRxvTqMnwAQyRBXnWW2Hhr68tQPDUxUS-K-O-FShAkoPON9ChftEZZe6njSUq2bu4e3AI93e9nYal0abCETAmPHV0333DR8YwTrNBpsdIqtTTeujVCiZaRx6WgfINAkgJoxSbl8wZxGpKo8psX3P4oXt9EbFdKTK5EEP9nm5YhhpZVJOWajgc_6aRX7fEms_eyPw24Z2ENjQ-iIPrkG-p9YPZul3E1VrLhQZjmv-Ybj2bUiMmXQO7Kru8A98q2D9-47eLLoU669bH5OrUAhFCQcc-G4ZRCpL4_Dr2x94WXv60zdKshsJ3Pttvu9vAP-CMv8Wgc_ssLLTdNT5trLSaiArBJmeIEbI331xD8prbWbIse2zabJMLbu3FMkUf7ukKLi9IcM9HGIVaEXxf3jlZDz_pIavaIx5JYam4TGxZDaMHQXJnVkGmeVbZM0DigPZVFxNspS-ogNWuHOQ25G5rl5scN3xwJvtqYAc8uo0s_u1Frfz5ei2HzSNjMQzo96U7yFovMfUg&cid=CAASFeRo-A8eUaQSb7Ma8dafUmkm7L0PAQ&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:23:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B46C 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssv2x-Zd1ASm41TLe7hiseJvdE20nxJ_wu2piMyTBbwkvj9-aEUnRw3dkR-7DlRwdes5_wIl4YdexcE6AI2yyLxJmVBdAsuaWXl3x5vdgJ9a-RGnI8HBEHzX8y5NmNzcqINIkpaZv6ODx_6flrTM4tAxQFrywpy1rUJV3wLO5tImlX1lVhOOkR80CHcRHGl1vPIDQTL9v9S0YMJoXmvgo_YPgrn_mldU7qbDXaehdjTNSBs-_CRSDHkFyKchWQzMJqK4qntluLa1C9xU3cB-Yj69FfWmXdCSjBrUWC59lR2ko7UrCOZIfT5v-xBNUpt98Lpa6jnSJ08aODZVst4GdutXEK2IfHi8uzjiOfpeQuUg9j6XQDhqblD0L-PlD9nAvRnRWmU7q-pMXQeRp4do9IffErElVeuJUWVloGVQGNPWXwB8uPh0GDIRe80OHGQKvoFHOQVThwLHd2bJligYeGbwCkGojElEaTmg8bvayyBADlf5OQSf0Wb0yU9x7qg326LveKL5QOorGEgQiN6rSFdFdGoXdSxqb40G7eZXdUsUim-MsrPoZ2PTnHf4UNluTNFnIrwt1ssRH_keQVx-kWUbgCPjEJQacTZzeqJe3xfCxR3_zPj1FZ4M3uJxCt4DwPdaAI6tipF-d8h-aFRyiRkEEwCZNBZh0pkRUPot2YZ6erntjhCYHApCXrWhfLgJa2GgRSXfaARFtQ8c8seWNT7KgYmvQYffA7oNn6yFB_IMxXlsst7YyHp_S_7u5H_Qx16M1OT5jpJVYaKWB52To0uv__oarcTaZaLssqnrhQGX03bbtbJ1tSDF2fqTtdt1RNOk8OORzkMa5ypW5yyBzkGb45YK-AYnemsSHl3KtwPqlfyrDaUCLSWM_uUP-V3rmrq9z7KCt-tICP2T8VovBEqtThtk7Zz1tNo7o0cvkjwgjnQMYX6CS52UxPeoErA250ql4Bv3yzhNBOzlCSrsuvS9fEdkuFi42gbcbrbM9sBsordlilqsBDPnWn_kiZ3Qpep6I7YDuiUcSM-ea4BokGlIVqdN7m3XxST8A4NkakXJLIG1UEvAJRLiGbHMnC6w4V2oM5q1zn5XtSP3_q9ajl2jZNGK9Kf3Iw86lQk1tcvUZ3-SB50W38AUy2M-Lyw-7IRXoAup2xS&sai=AMfl-YTbwkURDIKHrhsA9Ks5JKkqxQGsfHhVVjqWBtTkhDLwYdfQrt9RlFl9_NwRQuq_eTs4x8LNcI1QfU3DjQHclcsZZZhFNKuXcdkIEd33mACXxntk5Tsv58N7x_FepLZTTlXENyFtf6wC7nSX0h_tMygeAwNt7Ie4l9rP5zA&sig=Cg0ArKJSzIO4KMSFKuYzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220216.88251&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdqlFdYBEr5NtrYB1cRoyT0IWF4cvbGFI0sYGEw43Wwdje3sIChgJl8hsuASqBd8uMDF8eU6NYczZ4fnB0XRrPphUaUKExD2kR9zqyJ7nYaa5nG57yMgTv4IJbkApiIX39O7ZPHLxhs2CzE5yjyKGSut77Ug&dbm_d=AKAmf-ArHufKDYkkmbmjG-0uJeQ2YtPXUrpjMUeRAjQluG6_d0eHrcTYXANM2oydQHcnzQZsgORF4IXopT56pzIV7oNdFc0HjroJLyBUi5L-kj3gHazlhzRX85mP4FNCuuIHFh8xUB6k_8kLokV-LMU8sNjBwNO8zICQWSUAyMDoglABtDygzeJ5xPa_CwAYHrshZ_lBYDEfy5YbR-Kgn9F7YRmQVfu7kaWc9Bjr-oICyM3boBDkpGLLeUMWTv3Zsw6DLbv7YkDjsZjfQSVyWQJkx5lEcZAY5RrIX2XzMWqPvks1PbVFvYS_r1JIT5S1fvvYidCuLRC6V1bOOnwVeBQMsztgXpdWXo60QAC465yVa1yJ4CIHLBduECxMhLefR1NER1W148ZnMPo3lJyVRrWbev-dQ_wJu_k07CL0B67-orA--aUu1SQqqZTt0dwD5hhF83is7jJUTOpMwROi0LDgUdMelwebaRj78yXozv0ywVZinR1CM-zKCOWFKhv-c29JiE5KPOOvfnHr5Vbi9LpiQ4txwcSQti9xBdx77kHSFUsQ7DeTwt5xVV-peSOtArGCXhZXW-We7NwSQp5A6oGfe0jSydPkGMVc-B_QK3rv4u0J0DsSgUhcw7At_ar-57M5sQDfHknz-e_zmiEca7d7R_pazYNTVMwUALkMo1RvaAN7mhC7DgzRqTi3DKYndqN8knqX2jhStrjsoExBoj6uMd5AfiQdNinTb03amzP5rAcYn6Q1I5boq0kSMZE7lEXrOOlFLcdYyAX2WGp72aME2WCaXZ8rFNfYlqyPzczhLxcVsT_ntmrIrcOcMdp4S-gssoYSMqbkJKlx9eYUVQVjhMzaM-ghxOdO4D56pd4EynC_ug_Ge5MnIDLm5Tl_MnQ4jDt3KQ1Du3wifKcrC243IXv4lvfGGmL_SjMkDuwBEk_0RcVrQdBiPDmj5p3b-EzghHB5c2Jpolxb0rgnWwVt9jaoy3r5Od-YaAGFWX8fxhzYboLDyvLsKXgsrG45u0yOMLRPkqFmNhohN7E38-efJttiAZ-BMyVPLs1zTYJnSeg_-Zxbam-KmZRlY5OuVJmiHBenidSBFK69LF5Ak39ZXDwAx-5e6yKN7HGM_dXqmT_xOphOmgKzgd6S6kS06HPFMuIGBp-yAKvByctOY0O3ZK_iwiSXSuBLDD3Nc42vA9tWUADSZgvQ96RshOfNcpG6p9mDpHT_Lzah6WDrCfjJz_g4x50AjjJgzjZK7DqPxvp4vrvr51h3ladTUCAmMxSDbtA_S2699AjYPckA7ar4Igbg1w6jCjbJQupHcIOWUK-cwesUIUKiPf7_OuptPy5grbpqGR5a0g6JUspgl8e8z3BkMqWy032nk7orBzkUrxAUe9eakPhhCqbWf930xY9twiu7ah8MCV5EMtOAWuO1iBzuwPqWuGX05ib4nQQNG2XKBjFWIEsIUll7Q_3PtCp_hptaLkbBJtkSu4tWo1a2PvyqpOsx_7DFvp1ZQxYvPESaLrA0ouN1WLtk_Ndq_6DKHy03VrB14YnPgZc9b3Ip9V3JEpfVqwWaXW6-ir20b3HMNc0iirFSUZpYlam8FJwZK-Bp6cFIkjh2vG4IPjZ5FWnqzKuqmoRzFIra6M8Q0Zb1Xhdel8uSQApf-rC7bPVbMvdCPg9WS6w7vbu3UrLSTZo60O1dVoyqCmHGNLJzj9kiJwZ6lOFcS1R4WENV7n1mfY3kwZBmb9V_SOwWZ1tlNCyOi4dDavPF2Lgg6jbC6kYF7AhEoxlFUaBMPGx-X6Xq6tctcgUaVfyMza4UR4cnJCUIzilGIeD8qDlyiHBuH-xdspgM7H94pc1buHEigKhhfDaRooODzG_NBiBZmiOklsRdMuSfOjtnh7dGYkyj0ipzXfvuMxKCYq7L4BkBRlUqqR7tvwYlYmYRqL83KxT50l6AtSjaxAQgkGh4wGv5VfSmRC8Z7XShr4k4S5DDd3Y7guCVK24ifbgdN8_X1qgox5oVaQU8o0dQPOtkIQdHuT_0ttMP-RjF6s2EN2oJ0Omg_-qrtm04fygm51Nyef0fwpR6fCiSVpjDBnOMu6qUOb66aahYKIqfN-wUigdb2A6RpCFaKWU4To-zfuO7T8QKOz8HrsilGeCTqaeIizp_sN6UPtQLMVxQP5HrkoCuNCwHN50k9qAOnfvlXNmiS0ZcM9I8twlzZtwjiouoFgD0VBLldmwupM55DUqJM_qiICUlxgWwQ7W4gy48-t1n6gWaLeHrV51mLZc_Bu2aZa-e126oZ3sQhfmyyfBS2dDeZgTDdjzbVJIlRrD5bEQV7BTpRk-OR9L3KDKgOXf4EFmcwZWV4cFcV2dLsL-ND0KmG5e1ioQtFdaOqHnqzfZpjPgbPbmRL87TmmaMW14qmxIH6r4ILBZaroBKdt7ksP7cgDxytUY82kYRCsYP9aK7aLLP05_OvJBt93Sp1Bl52SiGW7IRpCoz_VwzUp7E1zKIYn5XD8bwhRo2Oi7-I_vPopf0H9Agxa-oG6f_mZdmHBhvnPCY20KfzG47holsMkCD2tCUhI1YJY8OdOl0L5RL7EStNVO3yPCy9E9FYIly_eY0Zu3NVNoHd3ymawj-hjM2Xp4HOekEveMkSfFVR6MJMWG0Z0EN_DVUMTY9O9Cl7gMWAG-yHfCfzot9yDIlKOZ6q6Pp6-7nMNHqjf3uyD9OjKK4zSbzWVhKm3__TXb3hccpkkWDsKLdViFqKeaCCUptEsPMpNpB1UU_3Jt8j_loVbGhbRgzpo7vSJZsGFaoTISDldH5gJ5tXLKIJAGypkbga_wjASYcVk55crOdRE35dceVAPRxvTqMnwAQyRBXnWW2Hhr68tQPDUxUS-K-O-FShAkoPON9ChftEZZe6njSUq2bu4e3AI93e9nYal0abCETAmPHV0333DR8YwTrNBpsdIqtTTeujVCiZaRx6WgfINAkgJoxSbl8wZxGpKo8psX3P4oXt9EbFdKTK5EEP9nm5YhhpZVJOWajgc_6aRX7fEms_eyPw24Z2ENjQ-iIPrkG-p9YPZul3E1VrLhQZjmv-Ybj2bUiMmXQO7Kru8A98q2D9-47eLLoU669bH5OrUAhFCQcc-G4ZRCpL4_Dr2x94WXv60zdKshsJ3Pttvu9vAP-CMv8Wgc_ssLLTdNT5trLSaiArBJmeIEbI331xD8prbWbIse2zabJMLbu3FMkUf7ukKLi9IcM9HGIVaEXxf3jlZDz_pIavaIx5JYam4TGxZDaMHQXJnVkGmeVbZM0DigPZVFxNspS-ogNWuHOQ25G5rl5scN3xwJvtqYAc8uo0s_u1Frfz5ei2HzSNjMQzo96U7yFovMfUg&cid=CAASFeRo-A8eUaQSb7Ma8dafUmkm7L0PAQ&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 19 Feb 2022 17:29:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B46C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdqlFdYBEr5NtrYB1cRoyT0IWF4cvbGFI0sYGEw43Wwdje3sIChgJl8hsuASqBd8uMDF8eU6NYczZ4fnB0XRrPphUaUKExD2kR9zqyJ7nYaa5nG57yMgTv4IJbkApiIX39O7ZPHLxhs2CzE5yjyKGSut77Ug&dbm_d=AKAmf-ArHufKDYkkmbmjG-0uJeQ2YtPXUrpjMUeRAjQluG6_d0eHrcTYXANM2oydQHcnzQZsgORF4IXopT56pzIV7oNdFc0HjroJLyBUi5L-kj3gHazlhzRX85mP4FNCuuIHFh8xUB6k_8kLokV-LMU8sNjBwNO8zICQWSUAyMDoglABtDygzeJ5xPa_CwAYHrshZ_lBYDEfy5YbR-Kgn9F7YRmQVfu7kaWc9Bjr-oICyM3boBDkpGLLeUMWTv3Zsw6DLbv7YkDjsZjfQSVyWQJkx5lEcZAY5RrIX2XzMWqPvks1PbVFvYS_r1JIT5S1fvvYidCuLRC6V1bOOnwVeBQMsztgXpdWXo60QAC465yVa1yJ4CIHLBduECxMhLefR1NER1W148ZnMPo3lJyVRrWbev-dQ_wJu_k07CL0B67-orA--aUu1SQqqZTt0dwD5hhF83is7jJUTOpMwROi0LDgUdMelwebaRj78yXozv0ywVZinR1CM-zKCOWFKhv-c29JiE5KPOOvfnHr5Vbi9LpiQ4txwcSQti9xBdx77kHSFUsQ7DeTwt5xVV-peSOtArGCXhZXW-We7NwSQp5A6oGfe0jSydPkGMVc-B_QK3rv4u0J0DsSgUhcw7At_ar-57M5sQDfHknz-e_zmiEca7d7R_pazYNTVMwUALkMo1RvaAN7mhC7DgzRqTi3DKYndqN8knqX2jhStrjsoExBoj6uMd5AfiQdNinTb03amzP5rAcYn6Q1I5boq0kSMZE7lEXrOOlFLcdYyAX2WGp72aME2WCaXZ8rFNfYlqyPzczhLxcVsT_ntmrIrcOcMdp4S-gssoYSMqbkJKlx9eYUVQVjhMzaM-ghxOdO4D56pd4EynC_ug_Ge5MnIDLm5Tl_MnQ4jDt3KQ1Du3wifKcrC243IXv4lvfGGmL_SjMkDuwBEk_0RcVrQdBiPDmj5p3b-EzghHB5c2Jpolxb0rgnWwVt9jaoy3r5Od-YaAGFWX8fxhzYboLDyvLsKXgsrG45u0yOMLRPkqFmNhohN7E38-efJttiAZ-BMyVPLs1zTYJnSeg_-Zxbam-KmZRlY5OuVJmiHBenidSBFK69LF5Ak39ZXDwAx-5e6yKN7HGM_dXqmT_xOphOmgKzgd6S6kS06HPFMuIGBp-yAKvByctOY0O3ZK_iwiSXSuBLDD3Nc42vA9tWUADSZgvQ96RshOfNcpG6p9mDpHT_Lzah6WDrCfjJz_g4x50AjjJgzjZK7DqPxvp4vrvr51h3ladTUCAmMxSDbtA_S2699AjYPckA7ar4Igbg1w6jCjbJQupHcIOWUK-cwesUIUKiPf7_OuptPy5grbpqGR5a0g6JUspgl8e8z3BkMqWy032nk7orBzkUrxAUe9eakPhhCqbWf930xY9twiu7ah8MCV5EMtOAWuO1iBzuwPqWuGX05ib4nQQNG2XKBjFWIEsIUll7Q_3PtCp_hptaLkbBJtkSu4tWo1a2PvyqpOsx_7DFvp1ZQxYvPESaLrA0ouN1WLtk_Ndq_6DKHy03VrB14YnPgZc9b3Ip9V3JEpfVqwWaXW6-ir20b3HMNc0iirFSUZpYlam8FJwZK-Bp6cFIkjh2vG4IPjZ5FWnqzKuqmoRzFIra6M8Q0Zb1Xhdel8uSQApf-rC7bPVbMvdCPg9WS6w7vbu3UrLSTZo60O1dVoyqCmHGNLJzj9kiJwZ6lOFcS1R4WENV7n1mfY3kwZBmb9V_SOwWZ1tlNCyOi4dDavPF2Lgg6jbC6kYF7AhEoxlFUaBMPGx-X6Xq6tctcgUaVfyMza4UR4cnJCUIzilGIeD8qDlyiHBuH-xdspgM7H94pc1buHEigKhhfDaRooODzG_NBiBZmiOklsRdMuSfOjtnh7dGYkyj0ipzXfvuMxKCYq7L4BkBRlUqqR7tvwYlYmYRqL83KxT50l6AtSjaxAQgkGh4wGv5VfSmRC8Z7XShr4k4S5DDd3Y7guCVK24ifbgdN8_X1qgox5oVaQU8o0dQPOtkIQdHuT_0ttMP-RjF6s2EN2oJ0Omg_-qrtm04fygm51Nyef0fwpR6fCiSVpjDBnOMu6qUOb66aahYKIqfN-wUigdb2A6RpCFaKWU4To-zfuO7T8QKOz8HrsilGeCTqaeIizp_sN6UPtQLMVxQP5HrkoCuNCwHN50k9qAOnfvlXNmiS0ZcM9I8twlzZtwjiouoFgD0VBLldmwupM55DUqJM_qiICUlxgWwQ7W4gy48-t1n6gWaLeHrV51mLZc_Bu2aZa-e126oZ3sQhfmyyfBS2dDeZgTDdjzbVJIlRrD5bEQV7BTpRk-OR9L3KDKgOXf4EFmcwZWV4cFcV2dLsL-ND0KmG5e1ioQtFdaOqHnqzfZpjPgbPbmRL87TmmaMW14qmxIH6r4ILBZaroBKdt7ksP7cgDxytUY82kYRCsYP9aK7aLLP05_OvJBt93Sp1Bl52SiGW7IRpCoz_VwzUp7E1zKIYn5XD8bwhRo2Oi7-I_vPopf0H9Agxa-oG6f_mZdmHBhvnPCY20KfzG47holsMkCD2tCUhI1YJY8OdOl0L5RL7EStNVO3yPCy9E9FYIly_eY0Zu3NVNoHd3ymawj-hjM2Xp4HOekEveMkSfFVR6MJMWG0Z0EN_DVUMTY9O9Cl7gMWAG-yHfCfzot9yDIlKOZ6q6Pp6-7nMNHqjf3uyD9OjKK4zSbzWVhKm3__TXb3hccpkkWDsKLdViFqKeaCCUptEsPMpNpB1UU_3Jt8j_loVbGhbRgzpo7vSJZsGFaoTISDldH5gJ5tXLKIJAGypkbga_wjASYcVk55crOdRE35dceVAPRxvTqMnwAQyRBXnWW2Hhr68tQPDUxUS-K-O-FShAkoPON9ChftEZZe6njSUq2bu4e3AI93e9nYal0abCETAmPHV0333DR8YwTrNBpsdIqtTTeujVCiZaRx6WgfINAkgJoxSbl8wZxGpKo8psX3P4oXt9EbFdKTK5EEP9nm5YhhpZVJOWajgc_6aRX7fEms_eyPw24Z2ENjQ-iIPrkG-p9YPZul3E1VrLhQZjmv-Ybj2bUiMmXQO7Kru8A98q2D9-47eLLoU669bH5OrUAhFCQcc-G4ZRCpL4_Dr2x94WXv60zdKshsJ3Pttvu9vAP-CMv8Wgc_ssLLTdNT5trLSaiArBJmeIEbI331xD8prbWbIse2zabJMLbu3FMkUf7ukKLi9IcM9HGIVaEXxf3jlZDz_pIavaIx5JYam4TGxZDaMHQXJnVkGmeVbZM0DigPZVFxNspS-ogNWuHOQ25G5rl5scN3xwJvtqYAc8uo0s_u1Frfz5ei2HzSNjMQzo96U7yFovMfUg&cid=CAASFeRo-A8eUaQSb7Ma8dafUmkm7L0PAQ&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Feb 2023 16:13:41 GMT
17791661854592035317
s0.2mdn.net/simgad/ Frame B46C 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17791661854592035317
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc494bf4181bd97c5f56b9bdb0efb0d6ba4722a78cd947d51a2753adbabecbe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 14:52:20 GMT
x-content-type-options
nosniff
age
355031
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80248
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 20:25:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 14:52:20 GMT
17791661854592035317
s0.2mdn.net/simgad/ Frame 4574 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17791661854592035317
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW1Yn6JDWMY-Qrm-0sb2GtujFYCmSk-lhO2QPIr0qjtgFvJxDuRAZjAsrZ1S7B_1vhuagw0Cf2g1LAByXmi_dc8VGcipHNW4fLK_o97nGcB2CmnedJfX4Nso0vxEDTPKqnoTxHj9x5qc-LJ7Brofj3LIVcyQ&dbm_d=AKAmf-D4e1Z768h1u-1_Kuu7lVEkQgYHHCNucNxIA7gGUiynje_Ml9yzU16LBcbXapDPlp4KvMbMaBTJRIXMjYA6BITz_9LdV7WX8z8MJGgeEu_HYayUBSPvwB2x5HUv4tPhxMZ9tgCY8ujTANjO9hYg9OrW-B5_7b6_gKTLHZE_lnwU4zfeOJCEipX5YslamrESLe2caH57prab0_ED_dQe3RgC2EsUzyyKBE-kKIQ32SFivn1vDRF3JVPix7qG2numggSMEtIpeOEVBbzpC6QDGt9lR0WaohcskGBL28kD1NARg4xaxFjJCjeBAHr3FBXb914AsUXhTRScDD5edRZ4hPVGES0VWVJivKYuis1H-4IaPB5q3NjvC3RamIsDvq_CrQkKCRZnCYFeYBfJfaDNi9XlO5LRxetFL03LL6hO5WJVjxhP_LVzyJ-DyZOcKjGqz_yQRZrS38jH9H8G5lfkTEOGPi0QpMffH6DogoKBVWKDNx7MDjDx5OEVVaFLOxkX1s_cJu5mec8KsstboNPUnG2nfyubdsuBDlOGxKKgv6hUSfIlJ0AfPGzQmcOeigfhSufJPUnFuM5wzqtruwGVtk7gtvGiI_ycHpHHul1Kiog1A3lgNb7XmUpeuu3t2ea07pszdUMj_c3zY9W17CCOhNKerMkAELWKgS-479lWT23Aj4gswKjCtPYSH_oBoL49ZZyqV2v5TqciSVlKODmFSWKG7FrG3RNwPpHP9zOOoe7OanmiY1VNyuOQr352EbKbMuf0C2le4gCAfd6ywqFnS9wCE2-4f5R_OXFMa9CzTK2RXw1uA0kzMcocCnr9CVjhQ3i_a3jCiQqPv02dGhNnz-v-vJ_FkvGgC5znPEc14o67w_-4xnhc3JZuCZh903pP73i48pv2Zco9EhG0snBqhX0SM3qZGxzv8laUxcN61EDUz4R6K8daNIx_Wck1ooL55veE7APKnVZcMzX_dD2I1JzQ7qsxBFzNp4_FSQZuq9r8fpreerVvG1aGn2RmV6tRNW7tnpvjyQtNErpa--MYECREaL6S5L7GxCcQMBgy4HJwjgORGd_tirNhPDSjiSWrmREDNDZxBmeZAblBkSSG_wxcGjN86G9jrnUh43cJedEXS6S-hmTMHtu-1Zfndos3omgtUfgNDgVz9WBx78yyyVGJxsO3TanCY8E3lNUDfDYbT-qtQCV9U5piENEXhwXOFUrwM3_V3Xi4n4otqXHP7dvMER4p6LVQjyEXB5IBmbutoizQ8KrwUrYBa4Hf4bPnAbsG2flggdWEkzUAFXp9tCNZZ_v1FlLzgSxEvoKllE55jTqTLccRtW1x3YVCF5P3IzjxtQS6qT6qdx-he0jwUt8bhCRzWHuoW4aSq5YPbImacTuyqzm1IV7JS65_WtR_uEdAqDXT9CFPVgRwK64gStnxasbecsS2bQSMvtIjWAKkx5r1DOetqEXZ3x8oHyL5lAOKqqgJ8sfCdiiGbFXRZxOzt7m-6TzKEBwL1HfiVnsyssgMq4QfjrQyBhq6TlaVoR3kJOX_YoTTOa6AuTnQSEVG9rzEMKd8dhi5Y_sWSkAnpFfEDOKEuRrI8Ekhh4fF7vKuqdp4RPb6301LUfaAD04w30jfgFb-D5LHLfKMmM3uCYh4ROF7p4Wt9qI94DHqbB37ebSX3EXfnM2NoWidXzlad8I5e44NFwkurP8tabhMmP-hNc8pW9Dl-xgX-WGmwScG3vL2zqynod2lXYL6jGGiVy8B21ZCx4zU0ayFYc_gegpcJPgIioPkFWeBtStDtlmz_r76DgAggkXiGf7-yDDR_-mHmorqbG-imK3sjX4KshMFOe-aIAskVWyPt92IFj5eOvCT06z5ne8PBWbYeKElAkwSjo7tnq-sEXj62zYSDqI_iAXLNRe3yCl9Ki0OSYwvS6ragJBkqxnC0En8kbiCPbkRQGK7kg33ofULcOo1eDymxiooIrUTv_dYMzI1Jo1ryT-QIzWDwaGkQYwucQ4VWBrK6sPcrfn8-bJDtc9YTtAXVYspvwdg7I7DZrexBnEx2RRbEfeE19y_rlSlCBfQ-to6tS16pmLOwvyqvhneclPqHZt72zo0WRH3V8QMdDMkThbyVLftF9WtJA87oWfwvXdNVz5qLfzjQsRc8_lWP7E_GafVq9u09mUO7FWvd0kEFRljmt2-3fsWrlnTcWHFaYnzgS5-FJnZQjGftQcwZs_wj8ODos1mi7QedKRndyVzQTeyvLQF2SyaQji6KxhRpbq7t45nWnYciFFym6Vf8RakyzgnFKQTJuXoQ1epZgPzuQwgmfhOmdqIqYUYJ0YE4LVPG99JR-wL4zbqXGsrGVDjXKxgiIS0iKl198kDPJ2Kiqz9-hWCiARC7dm7XBZQHRVYDML3_JKBb7lEI0NsErgZWldxFEc2vEBbEa3wBvc5R0YiUNPYKM8Mu3U1DNS_bfOKLsP-khrQgyCBQebQ14akN-z0hIsp0lPCsMDMiaV9HZ395FBHLjAuL8bqUQZhCKOFUSYPFDL95JPnovKpHzdpgcfkVVLPbzfRXt-7EDa2VUYSBGM75EfrgWAnMoVUMxW0FeEU46t6YFnyUAq351GALdY39cW8eS5ilm5v7_sZY0eYpSrgc-YAB3BWvTAP3aaY-oR3CMyv9ulA9q66xCNpMkuT-ZbK6zClMmoMQRxuhXueox4ISOI944UbdJ-C5LDUuJ9NzamXcXtYjAgfCQHR2vWu2zR8gKO7-FtcYzwa3R28hp2XqOI5LGuKHkN9NHBPSdR-Pl4-AYqGqYZxO9mg8oJZ17WyhizCu4Gne8jLbDX3yRz4OtjOTcWCdikd93Iom7C9MRzENqkjGpozrvxdUuVF-r9IbaK5yYwGuYTtSm7kXwHsp9VCs5DQSDYOHBMZFfU12lIQ-chhI3IhlrFmZ9cIsPoFIYzyRToatzoQYuAE-Egf35lYhgc5yAIiRu1nFAzdIOZYfg4qrHy2SVkoIGF2-JljjSRM4SlL4dRv_i4deMwERCnTJumrYsmMfdISbBdBB8qIvWa2LEZVGJVbRnWWtxyDmcJVzAG-euolL8Y7N09bbXYvzNh87BHwS7-LekKTJbE9ii8uqOYZh-Vb2z3HH7lOuowMeGh2X0x0L7MwYdJQU3HMnzwlB5w_IefZPovh_nbr36rATrFjyRufptA6chp6fEWdRF6RDgUl_EIm0nA-iVaffN7aAiiGPuGIM4yQEVj4DuKXGYnaQI5kG4_vthMBlwK7XMWuzr-q3ne6q9QmUhYOeJwZdTuZcDQxTngH4eVDMtVTuqM3rFiZnM8gaDvRuljTi5DiDsMxtNVX_XRbAFSPiAFm6Z3nyBBdWA&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc494bf4181bd97c5f56b9bdb0efb0d6ba4722a78cd947d51a2753adbabecbe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 14:52:20 GMT
x-content-type-options
nosniff
age
355031
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80248
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 20:25:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 14:52:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 4574 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW1Yn6JDWMY-Qrm-0sb2GtujFYCmSk-lhO2QPIr0qjtgFvJxDuRAZjAsrZ1S7B_1vhuagw0Cf2g1LAByXmi_dc8VGcipHNW4fLK_o97nGcB2CmnedJfX4Nso0vxEDTPKqnoTxHj9x5qc-LJ7Brofj3LIVcyQ&dbm_d=AKAmf-D4e1Z768h1u-1_Kuu7lVEkQgYHHCNucNxIA7gGUiynje_Ml9yzU16LBcbXapDPlp4KvMbMaBTJRIXMjYA6BITz_9LdV7WX8z8MJGgeEu_HYayUBSPvwB2x5HUv4tPhxMZ9tgCY8ujTANjO9hYg9OrW-B5_7b6_gKTLHZE_lnwU4zfeOJCEipX5YslamrESLe2caH57prab0_ED_dQe3RgC2EsUzyyKBE-kKIQ32SFivn1vDRF3JVPix7qG2numggSMEtIpeOEVBbzpC6QDGt9lR0WaohcskGBL28kD1NARg4xaxFjJCjeBAHr3FBXb914AsUXhTRScDD5edRZ4hPVGES0VWVJivKYuis1H-4IaPB5q3NjvC3RamIsDvq_CrQkKCRZnCYFeYBfJfaDNi9XlO5LRxetFL03LL6hO5WJVjxhP_LVzyJ-DyZOcKjGqz_yQRZrS38jH9H8G5lfkTEOGPi0QpMffH6DogoKBVWKDNx7MDjDx5OEVVaFLOxkX1s_cJu5mec8KsstboNPUnG2nfyubdsuBDlOGxKKgv6hUSfIlJ0AfPGzQmcOeigfhSufJPUnFuM5wzqtruwGVtk7gtvGiI_ycHpHHul1Kiog1A3lgNb7XmUpeuu3t2ea07pszdUMj_c3zY9W17CCOhNKerMkAELWKgS-479lWT23Aj4gswKjCtPYSH_oBoL49ZZyqV2v5TqciSVlKODmFSWKG7FrG3RNwPpHP9zOOoe7OanmiY1VNyuOQr352EbKbMuf0C2le4gCAfd6ywqFnS9wCE2-4f5R_OXFMa9CzTK2RXw1uA0kzMcocCnr9CVjhQ3i_a3jCiQqPv02dGhNnz-v-vJ_FkvGgC5znPEc14o67w_-4xnhc3JZuCZh903pP73i48pv2Zco9EhG0snBqhX0SM3qZGxzv8laUxcN61EDUz4R6K8daNIx_Wck1ooL55veE7APKnVZcMzX_dD2I1JzQ7qsxBFzNp4_FSQZuq9r8fpreerVvG1aGn2RmV6tRNW7tnpvjyQtNErpa--MYECREaL6S5L7GxCcQMBgy4HJwjgORGd_tirNhPDSjiSWrmREDNDZxBmeZAblBkSSG_wxcGjN86G9jrnUh43cJedEXS6S-hmTMHtu-1Zfndos3omgtUfgNDgVz9WBx78yyyVGJxsO3TanCY8E3lNUDfDYbT-qtQCV9U5piENEXhwXOFUrwM3_V3Xi4n4otqXHP7dvMER4p6LVQjyEXB5IBmbutoizQ8KrwUrYBa4Hf4bPnAbsG2flggdWEkzUAFXp9tCNZZ_v1FlLzgSxEvoKllE55jTqTLccRtW1x3YVCF5P3IzjxtQS6qT6qdx-he0jwUt8bhCRzWHuoW4aSq5YPbImacTuyqzm1IV7JS65_WtR_uEdAqDXT9CFPVgRwK64gStnxasbecsS2bQSMvtIjWAKkx5r1DOetqEXZ3x8oHyL5lAOKqqgJ8sfCdiiGbFXRZxOzt7m-6TzKEBwL1HfiVnsyssgMq4QfjrQyBhq6TlaVoR3kJOX_YoTTOa6AuTnQSEVG9rzEMKd8dhi5Y_sWSkAnpFfEDOKEuRrI8Ekhh4fF7vKuqdp4RPb6301LUfaAD04w30jfgFb-D5LHLfKMmM3uCYh4ROF7p4Wt9qI94DHqbB37ebSX3EXfnM2NoWidXzlad8I5e44NFwkurP8tabhMmP-hNc8pW9Dl-xgX-WGmwScG3vL2zqynod2lXYL6jGGiVy8B21ZCx4zU0ayFYc_gegpcJPgIioPkFWeBtStDtlmz_r76DgAggkXiGf7-yDDR_-mHmorqbG-imK3sjX4KshMFOe-aIAskVWyPt92IFj5eOvCT06z5ne8PBWbYeKElAkwSjo7tnq-sEXj62zYSDqI_iAXLNRe3yCl9Ki0OSYwvS6ragJBkqxnC0En8kbiCPbkRQGK7kg33ofULcOo1eDymxiooIrUTv_dYMzI1Jo1ryT-QIzWDwaGkQYwucQ4VWBrK6sPcrfn8-bJDtc9YTtAXVYspvwdg7I7DZrexBnEx2RRbEfeE19y_rlSlCBfQ-to6tS16pmLOwvyqvhneclPqHZt72zo0WRH3V8QMdDMkThbyVLftF9WtJA87oWfwvXdNVz5qLfzjQsRc8_lWP7E_GafVq9u09mUO7FWvd0kEFRljmt2-3fsWrlnTcWHFaYnzgS5-FJnZQjGftQcwZs_wj8ODos1mi7QedKRndyVzQTeyvLQF2SyaQji6KxhRpbq7t45nWnYciFFym6Vf8RakyzgnFKQTJuXoQ1epZgPzuQwgmfhOmdqIqYUYJ0YE4LVPG99JR-wL4zbqXGsrGVDjXKxgiIS0iKl198kDPJ2Kiqz9-hWCiARC7dm7XBZQHRVYDML3_JKBb7lEI0NsErgZWldxFEc2vEBbEa3wBvc5R0YiUNPYKM8Mu3U1DNS_bfOKLsP-khrQgyCBQebQ14akN-z0hIsp0lPCsMDMiaV9HZ395FBHLjAuL8bqUQZhCKOFUSYPFDL95JPnovKpHzdpgcfkVVLPbzfRXt-7EDa2VUYSBGM75EfrgWAnMoVUMxW0FeEU46t6YFnyUAq351GALdY39cW8eS5ilm5v7_sZY0eYpSrgc-YAB3BWvTAP3aaY-oR3CMyv9ulA9q66xCNpMkuT-ZbK6zClMmoMQRxuhXueox4ISOI944UbdJ-C5LDUuJ9NzamXcXtYjAgfCQHR2vWu2zR8gKO7-FtcYzwa3R28hp2XqOI5LGuKHkN9NHBPSdR-Pl4-AYqGqYZxO9mg8oJZ17WyhizCu4Gne8jLbDX3yRz4OtjOTcWCdikd93Iom7C9MRzENqkjGpozrvxdUuVF-r9IbaK5yYwGuYTtSm7kXwHsp9VCs5DQSDYOHBMZFfU12lIQ-chhI3IhlrFmZ9cIsPoFIYzyRToatzoQYuAE-Egf35lYhgc5yAIiRu1nFAzdIOZYfg4qrHy2SVkoIGF2-JljjSRM4SlL4dRv_i4deMwERCnTJumrYsmMfdISbBdBB8qIvWa2LEZVGJVbRnWWtxyDmcJVzAG-euolL8Y7N09bbXYvzNh87BHwS7-LekKTJbE9ii8uqOYZh-Vb2z3HH7lOuowMeGh2X0x0L7MwYdJQU3HMnzwlB5w_IefZPovh_nbr36rATrFjyRufptA6chp6fEWdRF6RDgUl_EIm0nA-iVaffN7aAiiGPuGIM4yQEVj4DuKXGYnaQI5kG4_vthMBlwK7XMWuzr-q3ne6q9QmUhYOeJwZdTuZcDQxTngH4eVDMtVTuqM3rFiZnM8gaDvRuljTi5DiDsMxtNVX_XRbAFSPiAFm6Z3nyBBdWA&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:28:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:28:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 4574 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW1Yn6JDWMY-Qrm-0sb2GtujFYCmSk-lhO2QPIr0qjtgFvJxDuRAZjAsrZ1S7B_1vhuagw0Cf2g1LAByXmi_dc8VGcipHNW4fLK_o97nGcB2CmnedJfX4Nso0vxEDTPKqnoTxHj9x5qc-LJ7Brofj3LIVcyQ&dbm_d=AKAmf-D4e1Z768h1u-1_Kuu7lVEkQgYHHCNucNxIA7gGUiynje_Ml9yzU16LBcbXapDPlp4KvMbMaBTJRIXMjYA6BITz_9LdV7WX8z8MJGgeEu_HYayUBSPvwB2x5HUv4tPhxMZ9tgCY8ujTANjO9hYg9OrW-B5_7b6_gKTLHZE_lnwU4zfeOJCEipX5YslamrESLe2caH57prab0_ED_dQe3RgC2EsUzyyKBE-kKIQ32SFivn1vDRF3JVPix7qG2numggSMEtIpeOEVBbzpC6QDGt9lR0WaohcskGBL28kD1NARg4xaxFjJCjeBAHr3FBXb914AsUXhTRScDD5edRZ4hPVGES0VWVJivKYuis1H-4IaPB5q3NjvC3RamIsDvq_CrQkKCRZnCYFeYBfJfaDNi9XlO5LRxetFL03LL6hO5WJVjxhP_LVzyJ-DyZOcKjGqz_yQRZrS38jH9H8G5lfkTEOGPi0QpMffH6DogoKBVWKDNx7MDjDx5OEVVaFLOxkX1s_cJu5mec8KsstboNPUnG2nfyubdsuBDlOGxKKgv6hUSfIlJ0AfPGzQmcOeigfhSufJPUnFuM5wzqtruwGVtk7gtvGiI_ycHpHHul1Kiog1A3lgNb7XmUpeuu3t2ea07pszdUMj_c3zY9W17CCOhNKerMkAELWKgS-479lWT23Aj4gswKjCtPYSH_oBoL49ZZyqV2v5TqciSVlKODmFSWKG7FrG3RNwPpHP9zOOoe7OanmiY1VNyuOQr352EbKbMuf0C2le4gCAfd6ywqFnS9wCE2-4f5R_OXFMa9CzTK2RXw1uA0kzMcocCnr9CVjhQ3i_a3jCiQqPv02dGhNnz-v-vJ_FkvGgC5znPEc14o67w_-4xnhc3JZuCZh903pP73i48pv2Zco9EhG0snBqhX0SM3qZGxzv8laUxcN61EDUz4R6K8daNIx_Wck1ooL55veE7APKnVZcMzX_dD2I1JzQ7qsxBFzNp4_FSQZuq9r8fpreerVvG1aGn2RmV6tRNW7tnpvjyQtNErpa--MYECREaL6S5L7GxCcQMBgy4HJwjgORGd_tirNhPDSjiSWrmREDNDZxBmeZAblBkSSG_wxcGjN86G9jrnUh43cJedEXS6S-hmTMHtu-1Zfndos3omgtUfgNDgVz9WBx78yyyVGJxsO3TanCY8E3lNUDfDYbT-qtQCV9U5piENEXhwXOFUrwM3_V3Xi4n4otqXHP7dvMER4p6LVQjyEXB5IBmbutoizQ8KrwUrYBa4Hf4bPnAbsG2flggdWEkzUAFXp9tCNZZ_v1FlLzgSxEvoKllE55jTqTLccRtW1x3YVCF5P3IzjxtQS6qT6qdx-he0jwUt8bhCRzWHuoW4aSq5YPbImacTuyqzm1IV7JS65_WtR_uEdAqDXT9CFPVgRwK64gStnxasbecsS2bQSMvtIjWAKkx5r1DOetqEXZ3x8oHyL5lAOKqqgJ8sfCdiiGbFXRZxOzt7m-6TzKEBwL1HfiVnsyssgMq4QfjrQyBhq6TlaVoR3kJOX_YoTTOa6AuTnQSEVG9rzEMKd8dhi5Y_sWSkAnpFfEDOKEuRrI8Ekhh4fF7vKuqdp4RPb6301LUfaAD04w30jfgFb-D5LHLfKMmM3uCYh4ROF7p4Wt9qI94DHqbB37ebSX3EXfnM2NoWidXzlad8I5e44NFwkurP8tabhMmP-hNc8pW9Dl-xgX-WGmwScG3vL2zqynod2lXYL6jGGiVy8B21ZCx4zU0ayFYc_gegpcJPgIioPkFWeBtStDtlmz_r76DgAggkXiGf7-yDDR_-mHmorqbG-imK3sjX4KshMFOe-aIAskVWyPt92IFj5eOvCT06z5ne8PBWbYeKElAkwSjo7tnq-sEXj62zYSDqI_iAXLNRe3yCl9Ki0OSYwvS6ragJBkqxnC0En8kbiCPbkRQGK7kg33ofULcOo1eDymxiooIrUTv_dYMzI1Jo1ryT-QIzWDwaGkQYwucQ4VWBrK6sPcrfn8-bJDtc9YTtAXVYspvwdg7I7DZrexBnEx2RRbEfeE19y_rlSlCBfQ-to6tS16pmLOwvyqvhneclPqHZt72zo0WRH3V8QMdDMkThbyVLftF9WtJA87oWfwvXdNVz5qLfzjQsRc8_lWP7E_GafVq9u09mUO7FWvd0kEFRljmt2-3fsWrlnTcWHFaYnzgS5-FJnZQjGftQcwZs_wj8ODos1mi7QedKRndyVzQTeyvLQF2SyaQji6KxhRpbq7t45nWnYciFFym6Vf8RakyzgnFKQTJuXoQ1epZgPzuQwgmfhOmdqIqYUYJ0YE4LVPG99JR-wL4zbqXGsrGVDjXKxgiIS0iKl198kDPJ2Kiqz9-hWCiARC7dm7XBZQHRVYDML3_JKBb7lEI0NsErgZWldxFEc2vEBbEa3wBvc5R0YiUNPYKM8Mu3U1DNS_bfOKLsP-khrQgyCBQebQ14akN-z0hIsp0lPCsMDMiaV9HZ395FBHLjAuL8bqUQZhCKOFUSYPFDL95JPnovKpHzdpgcfkVVLPbzfRXt-7EDa2VUYSBGM75EfrgWAnMoVUMxW0FeEU46t6YFnyUAq351GALdY39cW8eS5ilm5v7_sZY0eYpSrgc-YAB3BWvTAP3aaY-oR3CMyv9ulA9q66xCNpMkuT-ZbK6zClMmoMQRxuhXueox4ISOI944UbdJ-C5LDUuJ9NzamXcXtYjAgfCQHR2vWu2zR8gKO7-FtcYzwa3R28hp2XqOI5LGuKHkN9NHBPSdR-Pl4-AYqGqYZxO9mg8oJZ17WyhizCu4Gne8jLbDX3yRz4OtjOTcWCdikd93Iom7C9MRzENqkjGpozrvxdUuVF-r9IbaK5yYwGuYTtSm7kXwHsp9VCs5DQSDYOHBMZFfU12lIQ-chhI3IhlrFmZ9cIsPoFIYzyRToatzoQYuAE-Egf35lYhgc5yAIiRu1nFAzdIOZYfg4qrHy2SVkoIGF2-JljjSRM4SlL4dRv_i4deMwERCnTJumrYsmMfdISbBdBB8qIvWa2LEZVGJVbRnWWtxyDmcJVzAG-euolL8Y7N09bbXYvzNh87BHwS7-LekKTJbE9ii8uqOYZh-Vb2z3HH7lOuowMeGh2X0x0L7MwYdJQU3HMnzwlB5w_IefZPovh_nbr36rATrFjyRufptA6chp6fEWdRF6RDgUl_EIm0nA-iVaffN7aAiiGPuGIM4yQEVj4DuKXGYnaQI5kG4_vthMBlwK7XMWuzr-q3ne6q9QmUhYOeJwZdTuZcDQxTngH4eVDMtVTuqM3rFiZnM8gaDvRuljTi5DiDsMxtNVX_XRbAFSPiAFm6Z3nyBBdWA&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:23:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4574 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-OELyDoKZcqQ3Ep97Tfj4PKw5RfNC18LhGJws2u02CLxtdk9WSWS_R011gnps0dh4RuvD-80O9OyncfDj0V3IJX2VaYhIRlapQ-gIsdTrmTRFiE0TdmAtNslkWqNPzVu3_V7K2nf4jBk9lCbVRJAjQxw2UsRnmqF9qsf1cKLcoG9m99cYRyI55mbup9cGKKO4Nc8hfcOdka2yDxY2r2sZxGNZPs1JTnHLdfeT5gk3RQqL20Bs02iOoNIXRchIgtVw_YRlqD8PJE8H8HArTcnNJwy_Z0ilKwGEDHPrygDI-ygLmUK0uVpQoCQIxogOIemqfT10vmWIk6_2FHHmStSAIOvNlF1X9k4KFe3bZ0e1EikoQgz56IKTzNU-4AmTjPyTPKUq7rQRnrjwxg2GCed24bLC5J_eEHrRCxWiNyfk7WWgPUfN-fAYS4nZDZKe5IGm-mBHFbupFkgYisw0QHgRLYDSgg_XNu4P_J0MOczpJCRoPg2usLg2M20m6pmVer36BhWbcHMIl5SRBWV9igPD3XhmlTwFji27Y2BsS3-F4jxTMIMiSZc5D7u0gzzM4SBds-6XhOvpjViq9QnIsNgRQ53m9Ofj2taLXTMcmpvSISmgOFWk5NPH1hN5QHZhckx2BhAtp32fGsOtUCbEsS1-bZEr-ZVzdQn8r3fOYkjgnmmkO9_SHYZWy48GMs4CAtpgsH7TEiyTlSHu8JpUrYCa0qC0YQMTKGg77GyaVkO0f6XboMGkTNyUB0p4OdJMAxxUtJXpMY81MpdSFTyCxGSrEP-kYs2xrJJWvXqBXtmLve4nP9zmMCaHVCKJsp76RLMOJKIofo2A-gxhwXuL5RanVwcCOwBK9ytnTF7926QVP1aVgwVTgfiIE5vV1FTWBBIfE8gs_w-9YphF9E3Lr8bKZi7eCkpQYOxODpGJgGO-vSCRhs3GqYVAr0zucu1NkNqVxrY05IHWM9JO2Nq-rEDOKLWGgSoqk92orT5Lxa4KWz2xwRvpLDXT7hFEr_0uSGP3pUgvJfyqtpDAGsOIqrn16MrzcY2FCLE8F6BXoKWfEJL0_uLA_Bcv3SQ9DZfxfObPra5yb09FLCgUOdIk_1vKNZxtcmkrfthme9_iwQ9nxb2GtiPemW6FJgP-E__N5nFQ4QxOQXKL&sai=AMfl-YQ2fh7WKvoZIj4LL-4scqEkVe5lJiHGOSHaT59mqRu8G5PbnThE_76USQ85LsraHH2wg9B8WAOcPlcqFq9AfaP4Bg2gq33Hl6Ea0HLPoTQtn0pB0DRab12DKMPOturcHmm_vr-E3-nofiebKhlTC-p5UiclBQLd0WShhE0&sig=Cg0ArKJSzIIVBlxqbILuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220216.46091&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW1Yn6JDWMY-Qrm-0sb2GtujFYCmSk-lhO2QPIr0qjtgFvJxDuRAZjAsrZ1S7B_1vhuagw0Cf2g1LAByXmi_dc8VGcipHNW4fLK_o97nGcB2CmnedJfX4Nso0vxEDTPKqnoTxHj9x5qc-LJ7Brofj3LIVcyQ&dbm_d=AKAmf-D4e1Z768h1u-1_Kuu7lVEkQgYHHCNucNxIA7gGUiynje_Ml9yzU16LBcbXapDPlp4KvMbMaBTJRIXMjYA6BITz_9LdV7WX8z8MJGgeEu_HYayUBSPvwB2x5HUv4tPhxMZ9tgCY8ujTANjO9hYg9OrW-B5_7b6_gKTLHZE_lnwU4zfeOJCEipX5YslamrESLe2caH57prab0_ED_dQe3RgC2EsUzyyKBE-kKIQ32SFivn1vDRF3JVPix7qG2numggSMEtIpeOEVBbzpC6QDGt9lR0WaohcskGBL28kD1NARg4xaxFjJCjeBAHr3FBXb914AsUXhTRScDD5edRZ4hPVGES0VWVJivKYuis1H-4IaPB5q3NjvC3RamIsDvq_CrQkKCRZnCYFeYBfJfaDNi9XlO5LRxetFL03LL6hO5WJVjxhP_LVzyJ-DyZOcKjGqz_yQRZrS38jH9H8G5lfkTEOGPi0QpMffH6DogoKBVWKDNx7MDjDx5OEVVaFLOxkX1s_cJu5mec8KsstboNPUnG2nfyubdsuBDlOGxKKgv6hUSfIlJ0AfPGzQmcOeigfhSufJPUnFuM5wzqtruwGVtk7gtvGiI_ycHpHHul1Kiog1A3lgNb7XmUpeuu3t2ea07pszdUMj_c3zY9W17CCOhNKerMkAELWKgS-479lWT23Aj4gswKjCtPYSH_oBoL49ZZyqV2v5TqciSVlKODmFSWKG7FrG3RNwPpHP9zOOoe7OanmiY1VNyuOQr352EbKbMuf0C2le4gCAfd6ywqFnS9wCE2-4f5R_OXFMa9CzTK2RXw1uA0kzMcocCnr9CVjhQ3i_a3jCiQqPv02dGhNnz-v-vJ_FkvGgC5znPEc14o67w_-4xnhc3JZuCZh903pP73i48pv2Zco9EhG0snBqhX0SM3qZGxzv8laUxcN61EDUz4R6K8daNIx_Wck1ooL55veE7APKnVZcMzX_dD2I1JzQ7qsxBFzNp4_FSQZuq9r8fpreerVvG1aGn2RmV6tRNW7tnpvjyQtNErpa--MYECREaL6S5L7GxCcQMBgy4HJwjgORGd_tirNhPDSjiSWrmREDNDZxBmeZAblBkSSG_wxcGjN86G9jrnUh43cJedEXS6S-hmTMHtu-1Zfndos3omgtUfgNDgVz9WBx78yyyVGJxsO3TanCY8E3lNUDfDYbT-qtQCV9U5piENEXhwXOFUrwM3_V3Xi4n4otqXHP7dvMER4p6LVQjyEXB5IBmbutoizQ8KrwUrYBa4Hf4bPnAbsG2flggdWEkzUAFXp9tCNZZ_v1FlLzgSxEvoKllE55jTqTLccRtW1x3YVCF5P3IzjxtQS6qT6qdx-he0jwUt8bhCRzWHuoW4aSq5YPbImacTuyqzm1IV7JS65_WtR_uEdAqDXT9CFPVgRwK64gStnxasbecsS2bQSMvtIjWAKkx5r1DOetqEXZ3x8oHyL5lAOKqqgJ8sfCdiiGbFXRZxOzt7m-6TzKEBwL1HfiVnsyssgMq4QfjrQyBhq6TlaVoR3kJOX_YoTTOa6AuTnQSEVG9rzEMKd8dhi5Y_sWSkAnpFfEDOKEuRrI8Ekhh4fF7vKuqdp4RPb6301LUfaAD04w30jfgFb-D5LHLfKMmM3uCYh4ROF7p4Wt9qI94DHqbB37ebSX3EXfnM2NoWidXzlad8I5e44NFwkurP8tabhMmP-hNc8pW9Dl-xgX-WGmwScG3vL2zqynod2lXYL6jGGiVy8B21ZCx4zU0ayFYc_gegpcJPgIioPkFWeBtStDtlmz_r76DgAggkXiGf7-yDDR_-mHmorqbG-imK3sjX4KshMFOe-aIAskVWyPt92IFj5eOvCT06z5ne8PBWbYeKElAkwSjo7tnq-sEXj62zYSDqI_iAXLNRe3yCl9Ki0OSYwvS6ragJBkqxnC0En8kbiCPbkRQGK7kg33ofULcOo1eDymxiooIrUTv_dYMzI1Jo1ryT-QIzWDwaGkQYwucQ4VWBrK6sPcrfn8-bJDtc9YTtAXVYspvwdg7I7DZrexBnEx2RRbEfeE19y_rlSlCBfQ-to6tS16pmLOwvyqvhneclPqHZt72zo0WRH3V8QMdDMkThbyVLftF9WtJA87oWfwvXdNVz5qLfzjQsRc8_lWP7E_GafVq9u09mUO7FWvd0kEFRljmt2-3fsWrlnTcWHFaYnzgS5-FJnZQjGftQcwZs_wj8ODos1mi7QedKRndyVzQTeyvLQF2SyaQji6KxhRpbq7t45nWnYciFFym6Vf8RakyzgnFKQTJuXoQ1epZgPzuQwgmfhOmdqIqYUYJ0YE4LVPG99JR-wL4zbqXGsrGVDjXKxgiIS0iKl198kDPJ2Kiqz9-hWCiARC7dm7XBZQHRVYDML3_JKBb7lEI0NsErgZWldxFEc2vEBbEa3wBvc5R0YiUNPYKM8Mu3U1DNS_bfOKLsP-khrQgyCBQebQ14akN-z0hIsp0lPCsMDMiaV9HZ395FBHLjAuL8bqUQZhCKOFUSYPFDL95JPnovKpHzdpgcfkVVLPbzfRXt-7EDa2VUYSBGM75EfrgWAnMoVUMxW0FeEU46t6YFnyUAq351GALdY39cW8eS5ilm5v7_sZY0eYpSrgc-YAB3BWvTAP3aaY-oR3CMyv9ulA9q66xCNpMkuT-ZbK6zClMmoMQRxuhXueox4ISOI944UbdJ-C5LDUuJ9NzamXcXtYjAgfCQHR2vWu2zR8gKO7-FtcYzwa3R28hp2XqOI5LGuKHkN9NHBPSdR-Pl4-AYqGqYZxO9mg8oJZ17WyhizCu4Gne8jLbDX3yRz4OtjOTcWCdikd93Iom7C9MRzENqkjGpozrvxdUuVF-r9IbaK5yYwGuYTtSm7kXwHsp9VCs5DQSDYOHBMZFfU12lIQ-chhI3IhlrFmZ9cIsPoFIYzyRToatzoQYuAE-Egf35lYhgc5yAIiRu1nFAzdIOZYfg4qrHy2SVkoIGF2-JljjSRM4SlL4dRv_i4deMwERCnTJumrYsmMfdISbBdBB8qIvWa2LEZVGJVbRnWWtxyDmcJVzAG-euolL8Y7N09bbXYvzNh87BHwS7-LekKTJbE9ii8uqOYZh-Vb2z3HH7lOuowMeGh2X0x0L7MwYdJQU3HMnzwlB5w_IefZPovh_nbr36rATrFjyRufptA6chp6fEWdRF6RDgUl_EIm0nA-iVaffN7aAiiGPuGIM4yQEVj4DuKXGYnaQI5kG4_vthMBlwK7XMWuzr-q3ne6q9QmUhYOeJwZdTuZcDQxTngH4eVDMtVTuqM3rFiZnM8gaDvRuljTi5DiDsMxtNVX_XRbAFSPiAFm6Z3nyBBdWA&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 19 Feb 2022 17:29:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4574 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW1Yn6JDWMY-Qrm-0sb2GtujFYCmSk-lhO2QPIr0qjtgFvJxDuRAZjAsrZ1S7B_1vhuagw0Cf2g1LAByXmi_dc8VGcipHNW4fLK_o97nGcB2CmnedJfX4Nso0vxEDTPKqnoTxHj9x5qc-LJ7Brofj3LIVcyQ&dbm_d=AKAmf-D4e1Z768h1u-1_Kuu7lVEkQgYHHCNucNxIA7gGUiynje_Ml9yzU16LBcbXapDPlp4KvMbMaBTJRIXMjYA6BITz_9LdV7WX8z8MJGgeEu_HYayUBSPvwB2x5HUv4tPhxMZ9tgCY8ujTANjO9hYg9OrW-B5_7b6_gKTLHZE_lnwU4zfeOJCEipX5YslamrESLe2caH57prab0_ED_dQe3RgC2EsUzyyKBE-kKIQ32SFivn1vDRF3JVPix7qG2numggSMEtIpeOEVBbzpC6QDGt9lR0WaohcskGBL28kD1NARg4xaxFjJCjeBAHr3FBXb914AsUXhTRScDD5edRZ4hPVGES0VWVJivKYuis1H-4IaPB5q3NjvC3RamIsDvq_CrQkKCRZnCYFeYBfJfaDNi9XlO5LRxetFL03LL6hO5WJVjxhP_LVzyJ-DyZOcKjGqz_yQRZrS38jH9H8G5lfkTEOGPi0QpMffH6DogoKBVWKDNx7MDjDx5OEVVaFLOxkX1s_cJu5mec8KsstboNPUnG2nfyubdsuBDlOGxKKgv6hUSfIlJ0AfPGzQmcOeigfhSufJPUnFuM5wzqtruwGVtk7gtvGiI_ycHpHHul1Kiog1A3lgNb7XmUpeuu3t2ea07pszdUMj_c3zY9W17CCOhNKerMkAELWKgS-479lWT23Aj4gswKjCtPYSH_oBoL49ZZyqV2v5TqciSVlKODmFSWKG7FrG3RNwPpHP9zOOoe7OanmiY1VNyuOQr352EbKbMuf0C2le4gCAfd6ywqFnS9wCE2-4f5R_OXFMa9CzTK2RXw1uA0kzMcocCnr9CVjhQ3i_a3jCiQqPv02dGhNnz-v-vJ_FkvGgC5znPEc14o67w_-4xnhc3JZuCZh903pP73i48pv2Zco9EhG0snBqhX0SM3qZGxzv8laUxcN61EDUz4R6K8daNIx_Wck1ooL55veE7APKnVZcMzX_dD2I1JzQ7qsxBFzNp4_FSQZuq9r8fpreerVvG1aGn2RmV6tRNW7tnpvjyQtNErpa--MYECREaL6S5L7GxCcQMBgy4HJwjgORGd_tirNhPDSjiSWrmREDNDZxBmeZAblBkSSG_wxcGjN86G9jrnUh43cJedEXS6S-hmTMHtu-1Zfndos3omgtUfgNDgVz9WBx78yyyVGJxsO3TanCY8E3lNUDfDYbT-qtQCV9U5piENEXhwXOFUrwM3_V3Xi4n4otqXHP7dvMER4p6LVQjyEXB5IBmbutoizQ8KrwUrYBa4Hf4bPnAbsG2flggdWEkzUAFXp9tCNZZ_v1FlLzgSxEvoKllE55jTqTLccRtW1x3YVCF5P3IzjxtQS6qT6qdx-he0jwUt8bhCRzWHuoW4aSq5YPbImacTuyqzm1IV7JS65_WtR_uEdAqDXT9CFPVgRwK64gStnxasbecsS2bQSMvtIjWAKkx5r1DOetqEXZ3x8oHyL5lAOKqqgJ8sfCdiiGbFXRZxOzt7m-6TzKEBwL1HfiVnsyssgMq4QfjrQyBhq6TlaVoR3kJOX_YoTTOa6AuTnQSEVG9rzEMKd8dhi5Y_sWSkAnpFfEDOKEuRrI8Ekhh4fF7vKuqdp4RPb6301LUfaAD04w30jfgFb-D5LHLfKMmM3uCYh4ROF7p4Wt9qI94DHqbB37ebSX3EXfnM2NoWidXzlad8I5e44NFwkurP8tabhMmP-hNc8pW9Dl-xgX-WGmwScG3vL2zqynod2lXYL6jGGiVy8B21ZCx4zU0ayFYc_gegpcJPgIioPkFWeBtStDtlmz_r76DgAggkXiGf7-yDDR_-mHmorqbG-imK3sjX4KshMFOe-aIAskVWyPt92IFj5eOvCT06z5ne8PBWbYeKElAkwSjo7tnq-sEXj62zYSDqI_iAXLNRe3yCl9Ki0OSYwvS6ragJBkqxnC0En8kbiCPbkRQGK7kg33ofULcOo1eDymxiooIrUTv_dYMzI1Jo1ryT-QIzWDwaGkQYwucQ4VWBrK6sPcrfn8-bJDtc9YTtAXVYspvwdg7I7DZrexBnEx2RRbEfeE19y_rlSlCBfQ-to6tS16pmLOwvyqvhneclPqHZt72zo0WRH3V8QMdDMkThbyVLftF9WtJA87oWfwvXdNVz5qLfzjQsRc8_lWP7E_GafVq9u09mUO7FWvd0kEFRljmt2-3fsWrlnTcWHFaYnzgS5-FJnZQjGftQcwZs_wj8ODos1mi7QedKRndyVzQTeyvLQF2SyaQji6KxhRpbq7t45nWnYciFFym6Vf8RakyzgnFKQTJuXoQ1epZgPzuQwgmfhOmdqIqYUYJ0YE4LVPG99JR-wL4zbqXGsrGVDjXKxgiIS0iKl198kDPJ2Kiqz9-hWCiARC7dm7XBZQHRVYDML3_JKBb7lEI0NsErgZWldxFEc2vEBbEa3wBvc5R0YiUNPYKM8Mu3U1DNS_bfOKLsP-khrQgyCBQebQ14akN-z0hIsp0lPCsMDMiaV9HZ395FBHLjAuL8bqUQZhCKOFUSYPFDL95JPnovKpHzdpgcfkVVLPbzfRXt-7EDa2VUYSBGM75EfrgWAnMoVUMxW0FeEU46t6YFnyUAq351GALdY39cW8eS5ilm5v7_sZY0eYpSrgc-YAB3BWvTAP3aaY-oR3CMyv9ulA9q66xCNpMkuT-ZbK6zClMmoMQRxuhXueox4ISOI944UbdJ-C5LDUuJ9NzamXcXtYjAgfCQHR2vWu2zR8gKO7-FtcYzwa3R28hp2XqOI5LGuKHkN9NHBPSdR-Pl4-AYqGqYZxO9mg8oJZ17WyhizCu4Gne8jLbDX3yRz4OtjOTcWCdikd93Iom7C9MRzENqkjGpozrvxdUuVF-r9IbaK5yYwGuYTtSm7kXwHsp9VCs5DQSDYOHBMZFfU12lIQ-chhI3IhlrFmZ9cIsPoFIYzyRToatzoQYuAE-Egf35lYhgc5yAIiRu1nFAzdIOZYfg4qrHy2SVkoIGF2-JljjSRM4SlL4dRv_i4deMwERCnTJumrYsmMfdISbBdBB8qIvWa2LEZVGJVbRnWWtxyDmcJVzAG-euolL8Y7N09bbXYvzNh87BHwS7-LekKTJbE9ii8uqOYZh-Vb2z3HH7lOuowMeGh2X0x0L7MwYdJQU3HMnzwlB5w_IefZPovh_nbr36rATrFjyRufptA6chp6fEWdRF6RDgUl_EIm0nA-iVaffN7aAiiGPuGIM4yQEVj4DuKXGYnaQI5kG4_vthMBlwK7XMWuzr-q3ne6q9QmUhYOeJwZdTuZcDQxTngH4eVDMtVTuqM3rFiZnM8gaDvRuljTi5DiDsMxtNVX_XRbAFSPiAFm6Z3nyBBdWA&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Feb 2023 16:13:41 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 463B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
Origin
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Feb 2022 16:13:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 463B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWGCO-BsDqXmtnv0Hbh55Ggxzd24rhmGCHi9Dkai2wPoW1K8wFaFxmDfJEzyoi34CeyO72P9sh4mToMsqNqP9P1LMi0AxxzGL_ZCbxNih3AhdE40ARGIHib9VLPXt5DJ74_Jp3YSIya6ponEicd4BVcXHBhg&dbm_d=AKAmf-Dv_5mOR2xTxrwCfMj8wzmlEmJlGk9tQ_zSMbWpWSH8hTZdt7RMRe66v4eqlyMmOaErapA3A8RiU1ks1KZrqFBqKckivaXcJMJ-vBVwLPcCHH1TZF8QJBtp_IAd_Cqa9dGIaTYNs7fZPtwbDQjUANjeusSKeoadVALIsPreT1yUCV_oPP2l-c5q8fkEYF5ALWbCA6h5rCHqEJmalYlkEXehcpo3sSKWD3grcztqPGn1DPz8rLsrUv33Ygm448JKIST9gVdemJeJqUES5OYptNfACO9X1jr9C37KjPpplDkJoZZqUi-srgLeoi3Uba5r7ZKFJc0HnKRa3ckwag820RPoM1nZ_B0VMPCkrfF4ZNieu_Cm5XMtLpkN1DrboivPLo8HE0hpcyBKeCLe3jkxlaVT_DIuqLaF23K_P9q6hdMBbqsbdbYUuhDGusX9jp8kN6G2qptpJ0fUJ1ZH18epviOCGT4p8kIy6Tw1WyngVAahYIXjNc1fD_syNLCOI5wfHyPgABtVZRPWajXUC3NrF0LX2ltVbxM2l6kyi4uTe3jZDQMP_iN2XQefAZiv6BOBJQkhvnCWhbbxyqYsa8lyJ3YApecWNiI6gPEzEvavxhlWk0FM_f-tcS-Sc36SrLPC0RGyVza-kolr4h_WdQRN22yNcws6T4JSyUZdCoy9H1XRHK18kECxYWBlxk9Tpu7LE6j2hEYYsUT0OkSd_jgSG2JGGHdYybUv9d88Eev-iRDcpjwjPYn3UgiQLn0Qwih5Bflt_M6zaNPvp1XlGdhO-luHejpsTy6QTKzipStKMLMdh9F9Z8LISDM1p_k00IE1H_4iJL90dOLqfzUzs8NGtbIfCBRfIaYtSpzB3Y6FWjxbtEtLrQTiNoUDaCKh3RiNq-OL8LvhjbTmL-yxMNJS_K7YcEjs8NR_tSgbi7wdellYPBmCxSVuWUH533Wlvmf9KWHgRfH-Tn0xg5uDupBGeibFnDiCRd5IEADuT_p9qlSh1plb8LNatgjWX5KRyEGF6FBTjj6m2yhByYEb9b-awbmSMluSWbtIvKkT533swUsUL5eDBZ66pzdYz3ay_jZvoqj1x4G19_XcC26oEIuScItHyceS-5w1x1_EDkWqlFo29YQolXbCxmuRLKN1OkOWU4Vx429FeLgaKZ7MjoV2lChJokOM3_8_R0HNSNqimG1mEfp-VOyzbxU_FXNY2R5Tl4A8d1ppfhfeUZqVLt2HrnnUC-w_Uzp8bfjUSE4JxblWoeuhh0CP07esygeMpxjAyIQU2JWpY0w7sbavkZiTA73zkb1EbfrmVTnxk_0YK8KX3nHrkHKH5tVJ3urlj_-CGEVGiaBmRVSF53IrX_GX5M4QVOtcb9-R0YmkmBtZN5Qt-PA_W8tq0qBooraYRgK2tUXQSC_k8dR_fe74R67oyFc7kkOpK_o_EvyoXEbqtmDzcOPmLUELKbaAnBrlEuZnLrTNcu2LTxYGsCl0zHNH62oaP-rcbCV7zZb6066YZYLTP5qjpJhpRd14kvIXUnEfMrwKI4UA1Vkp7pwMAmRMS3wsolP8rvePfKjFtcZgFPDPMwFfGio-Jg2bUs3SAJhvKVFdeZmxGX6q3AwMPGGNMjytV7MbWEyvdw0FaphEu0-piP7A6u3zOBV-nqJIgYqbYO8cKgH2rrKrm02oqKQBLupVIk_xNcQ17NTaRqs8C6nQWYiIqTnenFoDl_beebmp0XBrC-bLfzBbCa0htB8gtMtk1oVe_6QSU8MkV2fiqksMo473sTmmJsxWgSGQEfjA661KRAw_YmEnf4Xs3CvA8Se9cblRmM8htk5KQBIzyHkugXvOVQyWOMEuECxqj3MbiyEZHEqRG9dbc9SZDOmGaRMlfFyS4xTJMdRzp96f7iP2b0EcIPKSPDXwPhw0wTomrUTsylk_MY0n9V14rnXR5iSBwGCDMPDPgRiSUs1E09EfxpghhngnBN0gxTYy5aSoK9235ohJMtWtEzJDYyyX8Y5PD5xptU30iKyNE0fuSEmgEVVWPD4PM9oKay0G2SdaRhLkNZUmzFs0xp2eMZ6Xvw7R8mM2d4-R1NQdyccPnW139MZVlnhOcyh1F_D1kxkCXot_5bqtOIcvO5THJdn6_wHjOn9820U0SD1hZubAaviHVfOVZ1XncSQo3cf4FjDxUHnMgjTcJbUAz2h7rYpyPtDlIIv7qVUvpYiblp2Y0nkgmnry5cMmX2Tb6VjQjKCAQHqA6uIcG6gfpalIr7fGOiFTJnFT-eeRcKynandY6swDnz_7ZtdpE-_F9XmzTdh0_y90lmT2mKtx__XPhpEJcG3TYB-37vRIlbs-ZRWVkfcA6c87yi_Li7HpgRnQFicJQWkDc44fM0AzRIGCe_GGuzflFFCOIygN9XB4MW4jUGZYi81IOr1YabC2TAI-zhs-isDo3HFLlPd1NN3xxzEmhW3MRNLd0yiFZAT34jtRqDMai5crtjBThVh2o6BzvVr_GzhbmkwKTsasxHJT1fLHvJ1iuxQb9QITmiC_pgV90OmckIJr-UFl-8mLVg56JPXJ2Ec5BAAKmJBbs8XsXWuPaek_muc5oLxnfKyuxc0tlZR6QQ_hb-HsFvAuEfmJIGGVi98-377Id2yc7COCF0PGw3ki4c-ua5sA7ZdaP7db_mO_WVWmEwr1lF5PbRXYqiLB7eQJ5-07AR-KnigeepBSu7IEXze2MZ-QH5xgVhTjOi5gJZIQOfpz8WIjVq0Ll7El17sBFOQ22yJL55IKRWySUkdECY6-sGrGHAe0rp36bSBv17X7kTL-ZB1Tf7ndXnexUUUolgRAyNgXQFQkjFCwmNFCeJtcF6fMu5ZNWfP9Nwj-3v8KuhYh9Desa-8eKud0BrTL3c9tn30Y8EzN-xPcmVcXBQkAjAGvuwruwwXIhxbqiADjpZZ7GMHo5uL19k254EV1UuC7v3V7T689y46FEZt2K49pGCzK8XbfPuWJgkWoQ92g9oSxiy9LpnWCSVrcYhyLeAZv6OdkA0_jY9Ptx2fDqrww-H9Mfx9TwMw5uPLfFY8-OvkliN-vcARNMK-b3h8HGlm_vPQs5vXmzzf8OkujgwqjhueG4DqdgtdSkYZyh72gD6zaRBfkGGw2dmNioO8f3ef8fv45C1LOhd-mzu9MT97szDzF73yg-VXWl1MhCvwMtXBMD8XaA4fMkZ4tUI2uaRxliAyTPNycFP9GjSoodLuvX_ICVXdGLIlKgFd-O_BQT4vOt-sqOJjZFguPDQ2gSuYR-BysunkSE9LMQtFNMrm7P1_QovMr8WvVmLKB-8xPIRmiINcPhFHl911BHrNWJCeyUwOpNXwqmE7SBJoHBqOYH6y_fkuaWX3wh3jcwYjIdVPgIJ4PMSQZU0dK97Nga6jN&cid=CAASFeRozaivdJrIj0TMJOjIobi_O9bGBA&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:23:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 463B 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWGCO-BsDqXmtnv0Hbh55Ggxzd24rhmGCHi9Dkai2wPoW1K8wFaFxmDfJEzyoi34CeyO72P9sh4mToMsqNqP9P1LMi0AxxzGL_ZCbxNih3AhdE40ARGIHib9VLPXt5DJ74_Jp3YSIya6ponEicd4BVcXHBhg&dbm_d=AKAmf-Dv_5mOR2xTxrwCfMj8wzmlEmJlGk9tQ_zSMbWpWSH8hTZdt7RMRe66v4eqlyMmOaErapA3A8RiU1ks1KZrqFBqKckivaXcJMJ-vBVwLPcCHH1TZF8QJBtp_IAd_Cqa9dGIaTYNs7fZPtwbDQjUANjeusSKeoadVALIsPreT1yUCV_oPP2l-c5q8fkEYF5ALWbCA6h5rCHqEJmalYlkEXehcpo3sSKWD3grcztqPGn1DPz8rLsrUv33Ygm448JKIST9gVdemJeJqUES5OYptNfACO9X1jr9C37KjPpplDkJoZZqUi-srgLeoi3Uba5r7ZKFJc0HnKRa3ckwag820RPoM1nZ_B0VMPCkrfF4ZNieu_Cm5XMtLpkN1DrboivPLo8HE0hpcyBKeCLe3jkxlaVT_DIuqLaF23K_P9q6hdMBbqsbdbYUuhDGusX9jp8kN6G2qptpJ0fUJ1ZH18epviOCGT4p8kIy6Tw1WyngVAahYIXjNc1fD_syNLCOI5wfHyPgABtVZRPWajXUC3NrF0LX2ltVbxM2l6kyi4uTe3jZDQMP_iN2XQefAZiv6BOBJQkhvnCWhbbxyqYsa8lyJ3YApecWNiI6gPEzEvavxhlWk0FM_f-tcS-Sc36SrLPC0RGyVza-kolr4h_WdQRN22yNcws6T4JSyUZdCoy9H1XRHK18kECxYWBlxk9Tpu7LE6j2hEYYsUT0OkSd_jgSG2JGGHdYybUv9d88Eev-iRDcpjwjPYn3UgiQLn0Qwih5Bflt_M6zaNPvp1XlGdhO-luHejpsTy6QTKzipStKMLMdh9F9Z8LISDM1p_k00IE1H_4iJL90dOLqfzUzs8NGtbIfCBRfIaYtSpzB3Y6FWjxbtEtLrQTiNoUDaCKh3RiNq-OL8LvhjbTmL-yxMNJS_K7YcEjs8NR_tSgbi7wdellYPBmCxSVuWUH533Wlvmf9KWHgRfH-Tn0xg5uDupBGeibFnDiCRd5IEADuT_p9qlSh1plb8LNatgjWX5KRyEGF6FBTjj6m2yhByYEb9b-awbmSMluSWbtIvKkT533swUsUL5eDBZ66pzdYz3ay_jZvoqj1x4G19_XcC26oEIuScItHyceS-5w1x1_EDkWqlFo29YQolXbCxmuRLKN1OkOWU4Vx429FeLgaKZ7MjoV2lChJokOM3_8_R0HNSNqimG1mEfp-VOyzbxU_FXNY2R5Tl4A8d1ppfhfeUZqVLt2HrnnUC-w_Uzp8bfjUSE4JxblWoeuhh0CP07esygeMpxjAyIQU2JWpY0w7sbavkZiTA73zkb1EbfrmVTnxk_0YK8KX3nHrkHKH5tVJ3urlj_-CGEVGiaBmRVSF53IrX_GX5M4QVOtcb9-R0YmkmBtZN5Qt-PA_W8tq0qBooraYRgK2tUXQSC_k8dR_fe74R67oyFc7kkOpK_o_EvyoXEbqtmDzcOPmLUELKbaAnBrlEuZnLrTNcu2LTxYGsCl0zHNH62oaP-rcbCV7zZb6066YZYLTP5qjpJhpRd14kvIXUnEfMrwKI4UA1Vkp7pwMAmRMS3wsolP8rvePfKjFtcZgFPDPMwFfGio-Jg2bUs3SAJhvKVFdeZmxGX6q3AwMPGGNMjytV7MbWEyvdw0FaphEu0-piP7A6u3zOBV-nqJIgYqbYO8cKgH2rrKrm02oqKQBLupVIk_xNcQ17NTaRqs8C6nQWYiIqTnenFoDl_beebmp0XBrC-bLfzBbCa0htB8gtMtk1oVe_6QSU8MkV2fiqksMo473sTmmJsxWgSGQEfjA661KRAw_YmEnf4Xs3CvA8Se9cblRmM8htk5KQBIzyHkugXvOVQyWOMEuECxqj3MbiyEZHEqRG9dbc9SZDOmGaRMlfFyS4xTJMdRzp96f7iP2b0EcIPKSPDXwPhw0wTomrUTsylk_MY0n9V14rnXR5iSBwGCDMPDPgRiSUs1E09EfxpghhngnBN0gxTYy5aSoK9235ohJMtWtEzJDYyyX8Y5PD5xptU30iKyNE0fuSEmgEVVWPD4PM9oKay0G2SdaRhLkNZUmzFs0xp2eMZ6Xvw7R8mM2d4-R1NQdyccPnW139MZVlnhOcyh1F_D1kxkCXot_5bqtOIcvO5THJdn6_wHjOn9820U0SD1hZubAaviHVfOVZ1XncSQo3cf4FjDxUHnMgjTcJbUAz2h7rYpyPtDlIIv7qVUvpYiblp2Y0nkgmnry5cMmX2Tb6VjQjKCAQHqA6uIcG6gfpalIr7fGOiFTJnFT-eeRcKynandY6swDnz_7ZtdpE-_F9XmzTdh0_y90lmT2mKtx__XPhpEJcG3TYB-37vRIlbs-ZRWVkfcA6c87yi_Li7HpgRnQFicJQWkDc44fM0AzRIGCe_GGuzflFFCOIygN9XB4MW4jUGZYi81IOr1YabC2TAI-zhs-isDo3HFLlPd1NN3xxzEmhW3MRNLd0yiFZAT34jtRqDMai5crtjBThVh2o6BzvVr_GzhbmkwKTsasxHJT1fLHvJ1iuxQb9QITmiC_pgV90OmckIJr-UFl-8mLVg56JPXJ2Ec5BAAKmJBbs8XsXWuPaek_muc5oLxnfKyuxc0tlZR6QQ_hb-HsFvAuEfmJIGGVi98-377Id2yc7COCF0PGw3ki4c-ua5sA7ZdaP7db_mO_WVWmEwr1lF5PbRXYqiLB7eQJ5-07AR-KnigeepBSu7IEXze2MZ-QH5xgVhTjOi5gJZIQOfpz8WIjVq0Ll7El17sBFOQ22yJL55IKRWySUkdECY6-sGrGHAe0rp36bSBv17X7kTL-ZB1Tf7ndXnexUUUolgRAyNgXQFQkjFCwmNFCeJtcF6fMu5ZNWfP9Nwj-3v8KuhYh9Desa-8eKud0BrTL3c9tn30Y8EzN-xPcmVcXBQkAjAGvuwruwwXIhxbqiADjpZZ7GMHo5uL19k254EV1UuC7v3V7T689y46FEZt2K49pGCzK8XbfPuWJgkWoQ92g9oSxiy9LpnWCSVrcYhyLeAZv6OdkA0_jY9Ptx2fDqrww-H9Mfx9TwMw5uPLfFY8-OvkliN-vcARNMK-b3h8HGlm_vPQs5vXmzzf8OkujgwqjhueG4DqdgtdSkYZyh72gD6zaRBfkGGw2dmNioO8f3ef8fv45C1LOhd-mzu9MT97szDzF73yg-VXWl1MhCvwMtXBMD8XaA4fMkZ4tUI2uaRxliAyTPNycFP9GjSoodLuvX_ICVXdGLIlKgFd-O_BQT4vOt-sqOJjZFguPDQ2gSuYR-BysunkSE9LMQtFNMrm7P1_QovMr8WvVmLKB-8xPIRmiINcPhFHl911BHrNWJCeyUwOpNXwqmE7SBJoHBqOYH6y_fkuaWX3wh3jcwYjIdVPgIJ4PMSQZU0dK97Nga6jN&cid=CAASFeRozaivdJrIj0TMJOjIobi_O9bGBA&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:28:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Mar 2022 17:28:12 GMT
/
c.lentainform.com/pv/ 		0
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lentainform.com/pv/?pv=5&cbuster=1645291771814804968301&uniqId=00e12&niet=4g&nisd=false&jsv=es6&ref=http%3A%2F%2Fadmtax.ru%2F&cxurl=https%3A%2F%2Fwww.finanz.ru%2F&pr=admtax.ru&lu=https%3A%2F%2Fwww.finanz.ru%2F&sessionId=621128fc-0a573&pageView=1&pvid=17f130817a7a3dd6e68&site=466985&implVersion=4&dpr=1
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/f/i/finanz.ru.628816.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.finanz.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e0137c5fd8a5c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4DA5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Feb 2023 16:13:41 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BCE8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Feb 2022 16:14:25 GMT
expires
Fri, 17 Feb 2023 16:14:25 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
177306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pfdindisplaypro-regular-webfont.woff
cdn.lentainform.com/fonts/ 		143 KB
144 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.lentainform.com/fonts/pfdindisplaypro-regular-webfont.woff
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d2f6cdc8935a366367038ae0c41970fb8179484bd7826fee8889adde33d887

Request headers

Referer
https://www.finanz.ru/
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:31 GMT
cf-cache-status
HIT
age
4842
cf-ray
6e0137c648356921-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
146832
x-amz-id-2
++hRUvUwipAX5Z+qJn0UehkWkaoJnYmJP28ucAvj18Xrgjd3OlwAkPReLiKbVRsZ31fgi9SmbFY=
last-modified
Mon, 04 May 2020 12:16:39 GMT
server
cloudflare
etag
"eb96f10c2dc30d06d0969ff9c2ecfff0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-request-id
G7N259161E70M45N
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
binary/octet-stream
expires
Sat, 19 Feb 2022 21:29:31 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2D20 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Feb 2022 16:14:25 GMT
expires
Fri, 17 Feb 2023 16:14:25 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
177306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 463B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Feb 2023 16:13:41 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E644 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Feb 2022 16:14:25 GMT
expires
Fri, 17 Feb 2023 16:14:25 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
177306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame BCE8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 16:21:38 GMT
1
servicer.lentainform.com/628816/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.lentainform.com/628816/1?pv=5&cbuster=1645291771907655942217&uniqId=00e12&niet=4g&nisd=false&jsv=es6&w=300&h=142&cols=3&ref=http%3A%2F%2Fadmtax.ru%2F&cxurl=https%3A%2F%2Fwww.finanz.ru%2F&pr=admtax.ru&lu=https%3A%2F%2Fwww.finanz.ru%2F&sessionId=621128fc-0a573&pageView=1&pvid=17f130817a7a3dd6e68&implVersion=4&dpr=1
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/f/i/finanz.ru.628816.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
546b0542c3e2411df4ab29071185ebeecd712c1d08af98c45878934a7faaeb6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.finanz.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e0137c67edb5c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame 2D20 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 16:21:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BAD6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Feb 2022 16:14:25 GMT
expires
Fri, 17 Feb 2023 16:14:25 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
177307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 59A5 		261 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
31830
date
Fri, 18 Feb 2022 13:52:42 GMT
expires
Sat, 18 Feb 2023 13:52:42 GMT
cache-control
public, max-age=31536000
age
99410
last-modified
Thu, 20 Jan 2022 15:37:33 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4DA5 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDiADKj9_POCu9ZPlUDTzvCurkRX4jC3ZUc8iVu_8wcTRJdKxuqglQLbzVPtDnhzgzZeNySiMsu0X96EhkVhsfY1lXNQmyfSBMBb7SYHSqExxXdLMiCE8NrLfgcjdM6Uq24tYvSDYhhXPWwAs-G53EH2D_mFuLkz0qb5NBYORiGtBp6f2tSErH-7olGchgD8twsh1C0dTWJnKZrSWHY9eY2H4qdF0wFI5RWhQCTsgnRN9WQv3hhQ42albpbrT5RiE39-GTp2ElZGMMow1iv9D3MAbyLzM8BhVnlbXAgruQB2QMHirS1Gs0jKuQAW4iphgK3VJM9AXAdNqwZkQEYIywm72LNqItelJxq0PzzcLQjk_LthhsZHyL8KTmN45LGflSlKXzLew19fq7pZUWxebqAQLU8jbMG0g-NfaltAuz8CpRF1A0qQK0VRabxpBksyoNsLXHS3Q6GM86LXwZK9JcCuOY_YnTdqR_StVSrfnsLo6SOUodWEU_huxxK2IXDsNCw3Xmqlz1DJoV3sc7iY9noRv67JHT71QB0OGC5eXvFwcTkTFn9IfqFJZ2edZ-JrOSw5EvLTh5nVu6r6kEiVTtGMGWbwCwRpCqmpqZuMNuzrVKy3hAaaHlz8wXVMzG5wxsOYShNBSXm5zR2f80TRqw8HEStLAmoShHmHfPevI7AlA43fLxsNI8DAY4lKNz2mH6JjIuUhllqhI9FJioFL7Gqkt6AZ8ilZsP1j2nW2P2epGnDG9nt-Pg9hCkSf_flpxqE2opRztlk6AGwvgleiX1FAq6LywAIP3KTdF8nqFbStHkx_owiYkXzijg57rqVHWPyiUikYCbTP6Vg1EKQiI_23gtgeNVDx4zghLF5bObD4EBCijHiAlqTIFU5_HqF7HaQ38WzSdgfp8mSV2xk8FS7oNTEzfKUBwu6jeDfeev8naqrJIse1ahloqoDX5SMM-ahzyDChA-RBinjF7HNQxsJnrOZ4Mp-42sSeSl6v4cq7niFjbtA5hjTaC5fJCNvqku76BaOEdkFXhZSHC94Fg4utu_oafudLXTiVNiOP_t_K5EVGq3eP-Mum5uwH3Bnpw-EXXaRMNSuQ695ab9cYpNNUxbWvUYoKlcxm4rZDMreEY-zHf9Ccfpthh8h8406QGE-KSXDPcSfRQKLptjo71wHryE&sai=AMfl-YTntuICT1e5AKl27Tg7QrqrDkT0AmyvTwud_K_UtSsOHVjgmp1GITrUAPlx3zXUXRk0uhEvmXAkdTM5W4MM0T_S6GQIBzYspjO3vEkvQZPPCvVBZeuD_LQAIT637JJnoPwRH_onVBxhhi9oulWBELZ1rCS5jEivYZdVX4o&sig=Cg0ArKJSzA9Z3lj7Y0KREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=285&cbvp=1&cstd=283&cisv=r20220216.25898&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 19 Feb 2022 17:29:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
300x600%20deDE.html
s0.2mdn.net/sadbundle/12495765431302633189/ Frame 8FED 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12495765431302633189/300x600%20deDE.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a66954beb210a9de1c90927f5a08035b442cd6c510f72cc9838628a198845f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2292
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Thu, 17 Feb 2022 21:47:43 GMT
expires
Fri, 17 Feb 2023 21:47:43 GMT
cache-control
public, max-age=31536000
age
157309
last-modified
Fri, 17 Dec 2021 00:17:58 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 463B 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstf16YNSojqq_uAmoqCTbJJfXVWcV5ys1idVB_J0_JWtccPBTcTzeo-jsH40wV870U5ZInKClRr8NZUzw6DdrSEs0Sp07eWwz_p9Hfom8cGG8AM1HbHHU-lJENi3mnZ40k9RckMdFQHlzxEnbiHjyO1R5Q7eKjNbwLx0lLI9POu_y56Lj5Ivl9aOE5FlguyqYCo13b1rh3PC5i6Xc2RPeLlaNw6TKOYPM_5DTWX16ZQuQyK8l9Wm5dmWFpa3GwsLomp2YAqjBzYKI8YeUYL5LI_0M4HiPrERpRn96F-waSCjXTNQbDjj3ZMy3QXoe2O9e23F0zGtWxUwQEFnNJNsueXd4RnJcJcDePi2QjV6tmA5-sxiobFx9iylQudcGKHBKATHSpT1p6TXsIQJOhULcc1GmMg6zfQ0q2xKpQfIeoWZ2qrWPlbyp4us-yeimNLv3yMCVzoBx1zZeWjJOZO-Z9xjZWaRzUw3N69CTU74MpKEQ3QA_G5w7ZtIM_Sk0QCJRMegXdx9EvDKHihh4BP-T0PGfNMIwAkdBEzUC2NaA3rN0PoXtFaupmxGQlnr0WZ5i9hF7s7Xoeet5nbz8IJo84CBbJLH90Rebkyhiyf9piXdCswH5p4ll3-ZTiOzwOdEyzbXVLVGMSv1j7ZnOjQ3PRs-YHLJF22nidwEr1pZZdxd5hlq89ZsFTZGleVG1ZJxnclDa4-8lgXwzHWiUe45DOXtl2_WozXz2KMGd_6vJ_nGLr8PjM6TBZmBjW9q7Ni705cQnjMMj4VMwNGhPMOArP97BPjhr6YrIYaC3IInk8HweMbiF_3f7XMfvH7sU4sFq_qS6KJNMBK2Qq_pNMKYLE6N3RobFoUJuzAexyjMbF-atUyNAnRv2gUxFyrhbakkq95q6V39csM8jSphS84U3p8v1aLfsXrwxD9_g4C57Ls8LTofckPUr8IpE5bwZZi-N_ygZDq8qdDm3bPGuzf5xdtmOOZV5gCqwxmhdfWi_qT-IZfm8I2WmRptmU3NwPn05p5yzOvXLq2bd_hCntYXkOG71x668uxloahu_Zyqfx_5H36ph1veq5uOlud79muUkYTpz5KzK4QUY-Q8-1g3SWe-8B4jvhvUlwNWcDIim9ETEs_AhX5AYyyo61m3R0KsZarJbbEa6xSuxn9YH3EJ48h1V5Zp_PsgZk&sai=AMfl-YTpz32fUezJZWo9K3V5qeokakC-0HqBgocaAjUo_upNjFKcO6JCmMDuTxTMTlZI3Wzz1lZYDZnFHDKiltQx7ZP31KD0IG9XXqoCQYOiREJfoNtgqxNTFtU9_jugyvBEZaIGIkEpoctJS03GwFy27ijoSPCYCRYvp52NFOE&sig=Cg0ArKJSzAeZBeqlMVo2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=242&cisv=r20220216.55218&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 19 Feb 2022 17:29:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1922247669&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1186349696&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4574 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-OELyDoKZcqQ3Ep97Tfj4PKw5RfNC18LhGJws2u02CLxtdk9WSWS_R011gnps0dh4RuvD-80O9OyncfDj0V3IJX2VaYhIRlapQ-gIsdTrmTRFiE0TdmAtNslkWqNPzVu3_V7K2nf4jBk9lCbVRJAjQxw2UsRnmqF9qsf1cKLcoG9m99cYRyI55mbup9cGKKO4Nc8hfcOdka2yDxY2r2sZxGNZPs1JTnHLdfeT5gk3RQqL20Bs02iOoNIXRchIgtVw_YRlqD8PJE8H8HArTcnNJwy_Z0ilKwGEDHPrygDI-ygLmUK0uVpQoCQIxogOIemqfT10vmWIk6_2FHHmStSAIOvNlF1X9k4KFe3bZ0e1EikoQgz56IKTzNU-4AmTjPyTPKUq7rQRnrjwxg2GCed24bLC5J_eEHrRCxWiNyfk7WWgPUfN-fAYS4nZDZKe5IGm-mBHFbupFkgYisw0QHgRLYDSgg_XNu4P_J0MOczpJCRoPg2usLg2M20m6pmVer36BhWbcHMIl5SRBWV9igPD3XhmlTwFji27Y2BsS3-F4jxTMIMiSZc5D7u0gzzM4SBds-6XhOvpjViq9QnIsNgRQ53m9Ofj2taLXTMcmpvSISmgOFWk5NPH1hN5QHZhckx2BhAtp32fGsOtUCbEsS1-bZEr-ZVzdQn8r3fOYkjgnmmkO9_SHYZWy48GMs4CAtpgsH7TEiyTlSHu8JpUrYCa0qC0YQMTKGg77GyaVkO0f6XboMGkTNyUB0p4OdJMAxxUtJXpMY81MpdSFTyCxGSrEP-kYs2xrJJWvXqBXtmLve4nP9zmMCaHVCKJsp76RLMOJKIofo2A-gxhwXuL5RanVwcCOwBK9ytnTF7926QVP1aVgwVTgfiIE5vV1FTWBBIfE8gs_w-9YphF9E3Lr8bKZi7eCkpQYOxODpGJgGO-vSCRhs3GqYVAr0zucu1NkNqVxrY05IHWM9JO2Nq-rEDOKLWGgSoqk92orT5Lxa4KWz2xwRvpLDXT7hFEr_0uSGP3pUgvJfyqtpDAGsOIqrn16MrzcY2FCLE8F6BXoKWfEJL0_uLA_Bcv3SQ9DZfxfObPra5yb09FLCgUOdIk_1vKNZxtcmkrfthme9_iwQ9nxb2GtiPemW6FJgP-E__N5nFQ4QxOQXKL&sai=AMfl-YQ2fh7WKvoZIj4LL-4scqEkVe5lJiHGOSHaT59mqRu8G5PbnThE_76USQ85LsraHH2wg9B8WAOcPlcqFq9AfaP4Bg2gq33Hl6Ea0HLPoTQtn0pB0DRab12DKMPOturcHmm_vr-E3-nofiebKhlTC-p5UiclBQLd0WShhE0&sig=Cg0ArKJSzIIVBlxqbILuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=291&vt=11&dtpt=290&dett=2&cstd=0&cisv=r20220216.46091&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW1Yn6JDWMY-Qrm-0sb2GtujFYCmSk-lhO2QPIr0qjtgFvJxDuRAZjAsrZ1S7B_1vhuagw0Cf2g1LAByXmi_dc8VGcipHNW4fLK_o97nGcB2CmnedJfX4Nso0vxEDTPKqnoTxHj9x5qc-LJ7Brofj3LIVcyQ&dbm_d=AKAmf-D4e1Z768h1u-1_Kuu7lVEkQgYHHCNucNxIA7gGUiynje_Ml9yzU16LBcbXapDPlp4KvMbMaBTJRIXMjYA6BITz_9LdV7WX8z8MJGgeEu_HYayUBSPvwB2x5HUv4tPhxMZ9tgCY8ujTANjO9hYg9OrW-B5_7b6_gKTLHZE_lnwU4zfeOJCEipX5YslamrESLe2caH57prab0_ED_dQe3RgC2EsUzyyKBE-kKIQ32SFivn1vDRF3JVPix7qG2numggSMEtIpeOEVBbzpC6QDGt9lR0WaohcskGBL28kD1NARg4xaxFjJCjeBAHr3FBXb914AsUXhTRScDD5edRZ4hPVGES0VWVJivKYuis1H-4IaPB5q3NjvC3RamIsDvq_CrQkKCRZnCYFeYBfJfaDNi9XlO5LRxetFL03LL6hO5WJVjxhP_LVzyJ-DyZOcKjGqz_yQRZrS38jH9H8G5lfkTEOGPi0QpMffH6DogoKBVWKDNx7MDjDx5OEVVaFLOxkX1s_cJu5mec8KsstboNPUnG2nfyubdsuBDlOGxKKgv6hUSfIlJ0AfPGzQmcOeigfhSufJPUnFuM5wzqtruwGVtk7gtvGiI_ycHpHHul1Kiog1A3lgNb7XmUpeuu3t2ea07pszdUMj_c3zY9W17CCOhNKerMkAELWKgS-479lWT23Aj4gswKjCtPYSH_oBoL49ZZyqV2v5TqciSVlKODmFSWKG7FrG3RNwPpHP9zOOoe7OanmiY1VNyuOQr352EbKbMuf0C2le4gCAfd6ywqFnS9wCE2-4f5R_OXFMa9CzTK2RXw1uA0kzMcocCnr9CVjhQ3i_a3jCiQqPv02dGhNnz-v-vJ_FkvGgC5znPEc14o67w_-4xnhc3JZuCZh903pP73i48pv2Zco9EhG0snBqhX0SM3qZGxzv8laUxcN61EDUz4R6K8daNIx_Wck1ooL55veE7APKnVZcMzX_dD2I1JzQ7qsxBFzNp4_FSQZuq9r8fpreerVvG1aGn2RmV6tRNW7tnpvjyQtNErpa--MYECREaL6S5L7GxCcQMBgy4HJwjgORGd_tirNhPDSjiSWrmREDNDZxBmeZAblBkSSG_wxcGjN86G9jrnUh43cJedEXS6S-hmTMHtu-1Zfndos3omgtUfgNDgVz9WBx78yyyVGJxsO3TanCY8E3lNUDfDYbT-qtQCV9U5piENEXhwXOFUrwM3_V3Xi4n4otqXHP7dvMER4p6LVQjyEXB5IBmbutoizQ8KrwUrYBa4Hf4bPnAbsG2flggdWEkzUAFXp9tCNZZ_v1FlLzgSxEvoKllE55jTqTLccRtW1x3YVCF5P3IzjxtQS6qT6qdx-he0jwUt8bhCRzWHuoW4aSq5YPbImacTuyqzm1IV7JS65_WtR_uEdAqDXT9CFPVgRwK64gStnxasbecsS2bQSMvtIjWAKkx5r1DOetqEXZ3x8oHyL5lAOKqqgJ8sfCdiiGbFXRZxOzt7m-6TzKEBwL1HfiVnsyssgMq4QfjrQyBhq6TlaVoR3kJOX_YoTTOa6AuTnQSEVG9rzEMKd8dhi5Y_sWSkAnpFfEDOKEuRrI8Ekhh4fF7vKuqdp4RPb6301LUfaAD04w30jfgFb-D5LHLfKMmM3uCYh4ROF7p4Wt9qI94DHqbB37ebSX3EXfnM2NoWidXzlad8I5e44NFwkurP8tabhMmP-hNc8pW9Dl-xgX-WGmwScG3vL2zqynod2lXYL6jGGiVy8B21ZCx4zU0ayFYc_gegpcJPgIioPkFWeBtStDtlmz_r76DgAggkXiGf7-yDDR_-mHmorqbG-imK3sjX4KshMFOe-aIAskVWyPt92IFj5eOvCT06z5ne8PBWbYeKElAkwSjo7tnq-sEXj62zYSDqI_iAXLNRe3yCl9Ki0OSYwvS6ragJBkqxnC0En8kbiCPbkRQGK7kg33ofULcOo1eDymxiooIrUTv_dYMzI1Jo1ryT-QIzWDwaGkQYwucQ4VWBrK6sPcrfn8-bJDtc9YTtAXVYspvwdg7I7DZrexBnEx2RRbEfeE19y_rlSlCBfQ-to6tS16pmLOwvyqvhneclPqHZt72zo0WRH3V8QMdDMkThbyVLftF9WtJA87oWfwvXdNVz5qLfzjQsRc8_lWP7E_GafVq9u09mUO7FWvd0kEFRljmt2-3fsWrlnTcWHFaYnzgS5-FJnZQjGftQcwZs_wj8ODos1mi7QedKRndyVzQTeyvLQF2SyaQji6KxhRpbq7t45nWnYciFFym6Vf8RakyzgnFKQTJuXoQ1epZgPzuQwgmfhOmdqIqYUYJ0YE4LVPG99JR-wL4zbqXGsrGVDjXKxgiIS0iKl198kDPJ2Kiqz9-hWCiARC7dm7XBZQHRVYDML3_JKBb7lEI0NsErgZWldxFEc2vEBbEa3wBvc5R0YiUNPYKM8Mu3U1DNS_bfOKLsP-khrQgyCBQebQ14akN-z0hIsp0lPCsMDMiaV9HZ395FBHLjAuL8bqUQZhCKOFUSYPFDL95JPnovKpHzdpgcfkVVLPbzfRXt-7EDa2VUYSBGM75EfrgWAnMoVUMxW0FeEU46t6YFnyUAq351GALdY39cW8eS5ilm5v7_sZY0eYpSrgc-YAB3BWvTAP3aaY-oR3CMyv9ulA9q66xCNpMkuT-ZbK6zClMmoMQRxuhXueox4ISOI944UbdJ-C5LDUuJ9NzamXcXtYjAgfCQHR2vWu2zR8gKO7-FtcYzwa3R28hp2XqOI5LGuKHkN9NHBPSdR-Pl4-AYqGqYZxO9mg8oJZ17WyhizCu4Gne8jLbDX3yRz4OtjOTcWCdikd93Iom7C9MRzENqkjGpozrvxdUuVF-r9IbaK5yYwGuYTtSm7kXwHsp9VCs5DQSDYOHBMZFfU12lIQ-chhI3IhlrFmZ9cIsPoFIYzyRToatzoQYuAE-Egf35lYhgc5yAIiRu1nFAzdIOZYfg4qrHy2SVkoIGF2-JljjSRM4SlL4dRv_i4deMwERCnTJumrYsmMfdISbBdBB8qIvWa2LEZVGJVbRnWWtxyDmcJVzAG-euolL8Y7N09bbXYvzNh87BHwS7-LekKTJbE9ii8uqOYZh-Vb2z3HH7lOuowMeGh2X0x0L7MwYdJQU3HMnzwlB5w_IefZPovh_nbr36rATrFjyRufptA6chp6fEWdRF6RDgUl_EIm0nA-iVaffN7aAiiGPuGIM4yQEVj4DuKXGYnaQI5kG4_vthMBlwK7XMWuzr-q3ne6q9QmUhYOeJwZdTuZcDQxTngH4eVDMtVTuqM3rFiZnM8gaDvRuljTi5DiDsMxtNVX_XRbAFSPiAFm6Z3nyBBdWA&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame B46C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssv2x-Zd1ASm41TLe7hiseJvdE20nxJ_wu2piMyTBbwkvj9-aEUnRw3dkR-7DlRwdes5_wIl4YdexcE6AI2yyLxJmVBdAsuaWXl3x5vdgJ9a-RGnI8HBEHzX8y5NmNzcqINIkpaZv6ODx_6flrTM4tAxQFrywpy1rUJV3wLO5tImlX1lVhOOkR80CHcRHGl1vPIDQTL9v9S0YMJoXmvgo_YPgrn_mldU7qbDXaehdjTNSBs-_CRSDHkFyKchWQzMJqK4qntluLa1C9xU3cB-Yj69FfWmXdCSjBrUWC59lR2ko7UrCOZIfT5v-xBNUpt98Lpa6jnSJ08aODZVst4GdutXEK2IfHi8uzjiOfpeQuUg9j6XQDhqblD0L-PlD9nAvRnRWmU7q-pMXQeRp4do9IffErElVeuJUWVloGVQGNPWXwB8uPh0GDIRe80OHGQKvoFHOQVThwLHd2bJligYeGbwCkGojElEaTmg8bvayyBADlf5OQSf0Wb0yU9x7qg326LveKL5QOorGEgQiN6rSFdFdGoXdSxqb40G7eZXdUsUim-MsrPoZ2PTnHf4UNluTNFnIrwt1ssRH_keQVx-kWUbgCPjEJQacTZzeqJe3xfCxR3_zPj1FZ4M3uJxCt4DwPdaAI6tipF-d8h-aFRyiRkEEwCZNBZh0pkRUPot2YZ6erntjhCYHApCXrWhfLgJa2GgRSXfaARFtQ8c8seWNT7KgYmvQYffA7oNn6yFB_IMxXlsst7YyHp_S_7u5H_Qx16M1OT5jpJVYaKWB52To0uv__oarcTaZaLssqnrhQGX03bbtbJ1tSDF2fqTtdt1RNOk8OORzkMa5ypW5yyBzkGb45YK-AYnemsSHl3KtwPqlfyrDaUCLSWM_uUP-V3rmrq9z7KCt-tICP2T8VovBEqtThtk7Zz1tNo7o0cvkjwgjnQMYX6CS52UxPeoErA250ql4Bv3yzhNBOzlCSrsuvS9fEdkuFi42gbcbrbM9sBsordlilqsBDPnWn_kiZ3Qpep6I7YDuiUcSM-ea4BokGlIVqdN7m3XxST8A4NkakXJLIG1UEvAJRLiGbHMnC6w4V2oM5q1zn5XtSP3_q9ajl2jZNGK9Kf3Iw86lQk1tcvUZ3-SB50W38AUy2M-Lyw-7IRXoAup2xS&sai=AMfl-YTbwkURDIKHrhsA9Ks5JKkqxQGsfHhVVjqWBtTkhDLwYdfQrt9RlFl9_NwRQuq_eTs4x8LNcI1QfU3DjQHclcsZZZhFNKuXcdkIEd33mACXxntk5Tsv58N7x_FepLZTTlXENyFtf6wC7nSX0h_tMygeAwNt7Ie4l9rP5zA&sig=Cg0ArKJSzIO4KMSFKuYzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=311&vt=11&dtpt=310&dett=2&cstd=0&cisv=r20220216.88251&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdqlFdYBEr5NtrYB1cRoyT0IWF4cvbGFI0sYGEw43Wwdje3sIChgJl8hsuASqBd8uMDF8eU6NYczZ4fnB0XRrPphUaUKExD2kR9zqyJ7nYaa5nG57yMgTv4IJbkApiIX39O7ZPHLxhs2CzE5yjyKGSut77Ug&dbm_d=AKAmf-ArHufKDYkkmbmjG-0uJeQ2YtPXUrpjMUeRAjQluG6_d0eHrcTYXANM2oydQHcnzQZsgORF4IXopT56pzIV7oNdFc0HjroJLyBUi5L-kj3gHazlhzRX85mP4FNCuuIHFh8xUB6k_8kLokV-LMU8sNjBwNO8zICQWSUAyMDoglABtDygzeJ5xPa_CwAYHrshZ_lBYDEfy5YbR-Kgn9F7YRmQVfu7kaWc9Bjr-oICyM3boBDkpGLLeUMWTv3Zsw6DLbv7YkDjsZjfQSVyWQJkx5lEcZAY5RrIX2XzMWqPvks1PbVFvYS_r1JIT5S1fvvYidCuLRC6V1bOOnwVeBQMsztgXpdWXo60QAC465yVa1yJ4CIHLBduECxMhLefR1NER1W148ZnMPo3lJyVRrWbev-dQ_wJu_k07CL0B67-orA--aUu1SQqqZTt0dwD5hhF83is7jJUTOpMwROi0LDgUdMelwebaRj78yXozv0ywVZinR1CM-zKCOWFKhv-c29JiE5KPOOvfnHr5Vbi9LpiQ4txwcSQti9xBdx77kHSFUsQ7DeTwt5xVV-peSOtArGCXhZXW-We7NwSQp5A6oGfe0jSydPkGMVc-B_QK3rv4u0J0DsSgUhcw7At_ar-57M5sQDfHknz-e_zmiEca7d7R_pazYNTVMwUALkMo1RvaAN7mhC7DgzRqTi3DKYndqN8knqX2jhStrjsoExBoj6uMd5AfiQdNinTb03amzP5rAcYn6Q1I5boq0kSMZE7lEXrOOlFLcdYyAX2WGp72aME2WCaXZ8rFNfYlqyPzczhLxcVsT_ntmrIrcOcMdp4S-gssoYSMqbkJKlx9eYUVQVjhMzaM-ghxOdO4D56pd4EynC_ug_Ge5MnIDLm5Tl_MnQ4jDt3KQ1Du3wifKcrC243IXv4lvfGGmL_SjMkDuwBEk_0RcVrQdBiPDmj5p3b-EzghHB5c2Jpolxb0rgnWwVt9jaoy3r5Od-YaAGFWX8fxhzYboLDyvLsKXgsrG45u0yOMLRPkqFmNhohN7E38-efJttiAZ-BMyVPLs1zTYJnSeg_-Zxbam-KmZRlY5OuVJmiHBenidSBFK69LF5Ak39ZXDwAx-5e6yKN7HGM_dXqmT_xOphOmgKzgd6S6kS06HPFMuIGBp-yAKvByctOY0O3ZK_iwiSXSuBLDD3Nc42vA9tWUADSZgvQ96RshOfNcpG6p9mDpHT_Lzah6WDrCfjJz_g4x50AjjJgzjZK7DqPxvp4vrvr51h3ladTUCAmMxSDbtA_S2699AjYPckA7ar4Igbg1w6jCjbJQupHcIOWUK-cwesUIUKiPf7_OuptPy5grbpqGR5a0g6JUspgl8e8z3BkMqWy032nk7orBzkUrxAUe9eakPhhCqbWf930xY9twiu7ah8MCV5EMtOAWuO1iBzuwPqWuGX05ib4nQQNG2XKBjFWIEsIUll7Q_3PtCp_hptaLkbBJtkSu4tWo1a2PvyqpOsx_7DFvp1ZQxYvPESaLrA0ouN1WLtk_Ndq_6DKHy03VrB14YnPgZc9b3Ip9V3JEpfVqwWaXW6-ir20b3HMNc0iirFSUZpYlam8FJwZK-Bp6cFIkjh2vG4IPjZ5FWnqzKuqmoRzFIra6M8Q0Zb1Xhdel8uSQApf-rC7bPVbMvdCPg9WS6w7vbu3UrLSTZo60O1dVoyqCmHGNLJzj9kiJwZ6lOFcS1R4WENV7n1mfY3kwZBmb9V_SOwWZ1tlNCyOi4dDavPF2Lgg6jbC6kYF7AhEoxlFUaBMPGx-X6Xq6tctcgUaVfyMza4UR4cnJCUIzilGIeD8qDlyiHBuH-xdspgM7H94pc1buHEigKhhfDaRooODzG_NBiBZmiOklsRdMuSfOjtnh7dGYkyj0ipzXfvuMxKCYq7L4BkBRlUqqR7tvwYlYmYRqL83KxT50l6AtSjaxAQgkGh4wGv5VfSmRC8Z7XShr4k4S5DDd3Y7guCVK24ifbgdN8_X1qgox5oVaQU8o0dQPOtkIQdHuT_0ttMP-RjF6s2EN2oJ0Omg_-qrtm04fygm51Nyef0fwpR6fCiSVpjDBnOMu6qUOb66aahYKIqfN-wUigdb2A6RpCFaKWU4To-zfuO7T8QKOz8HrsilGeCTqaeIizp_sN6UPtQLMVxQP5HrkoCuNCwHN50k9qAOnfvlXNmiS0ZcM9I8twlzZtwjiouoFgD0VBLldmwupM55DUqJM_qiICUlxgWwQ7W4gy48-t1n6gWaLeHrV51mLZc_Bu2aZa-e126oZ3sQhfmyyfBS2dDeZgTDdjzbVJIlRrD5bEQV7BTpRk-OR9L3KDKgOXf4EFmcwZWV4cFcV2dLsL-ND0KmG5e1ioQtFdaOqHnqzfZpjPgbPbmRL87TmmaMW14qmxIH6r4ILBZaroBKdt7ksP7cgDxytUY82kYRCsYP9aK7aLLP05_OvJBt93Sp1Bl52SiGW7IRpCoz_VwzUp7E1zKIYn5XD8bwhRo2Oi7-I_vPopf0H9Agxa-oG6f_mZdmHBhvnPCY20KfzG47holsMkCD2tCUhI1YJY8OdOl0L5RL7EStNVO3yPCy9E9FYIly_eY0Zu3NVNoHd3ymawj-hjM2Xp4HOekEveMkSfFVR6MJMWG0Z0EN_DVUMTY9O9Cl7gMWAG-yHfCfzot9yDIlKOZ6q6Pp6-7nMNHqjf3uyD9OjKK4zSbzWVhKm3__TXb3hccpkkWDsKLdViFqKeaCCUptEsPMpNpB1UU_3Jt8j_loVbGhbRgzpo7vSJZsGFaoTISDldH5gJ5tXLKIJAGypkbga_wjASYcVk55crOdRE35dceVAPRxvTqMnwAQyRBXnWW2Hhr68tQPDUxUS-K-O-FShAkoPON9ChftEZZe6njSUq2bu4e3AI93e9nYal0abCETAmPHV0333DR8YwTrNBpsdIqtTTeujVCiZaRx6WgfINAkgJoxSbl8wZxGpKo8psX3P4oXt9EbFdKTK5EEP9nm5YhhpZVJOWajgc_6aRX7fEms_eyPw24Z2ENjQ-iIPrkG-p9YPZul3E1VrLhQZjmv-Ybj2bUiMmXQO7Kru8A98q2D9-47eLLoU669bH5OrUAhFCQcc-G4ZRCpL4_Dr2x94WXv60zdKshsJ3Pttvu9vAP-CMv8Wgc_ssLLTdNT5trLSaiArBJmeIEbI331xD8prbWbIse2zabJMLbu3FMkUf7ukKLi9IcM9HGIVaEXxf3jlZDz_pIavaIx5JYam4TGxZDaMHQXJnVkGmeVbZM0DigPZVFxNspS-ogNWuHOQ25G5rl5scN3xwJvtqYAc8uo0s_u1Frfz5ei2HzSNjMQzo96U7yFovMfUg&cid=CAASFeRo-A8eUaQSb7Ma8dafUmkm7L0PAQ&rfl=1%2Chttps%253A%252F%252Fwww.finanz.ru%242%2Chttps%253A%252F%252Fdfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame E644 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 16:21:38 GMT
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame BAD6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 16:21:38 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvNTMxMDQ5LzM0Nzk1MjU4YjI2YTJiODQyZGQ1NTkxYzNiZmU0NGVhLmpwZWc.webp
s-img.lentainform.com/n/10025731/80x53/0x0x493x326/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/10025731/80x53/0x0x493x326/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvNTMxMDQ5LzM0Nzk1MjU4YjI2YTJiODQyZGQ1NTkxYzNiZmU0NGVhLmpwZWc.webp?v=1645291771-0403uvy5hXuYFT9G0Y4HOAgs1B1a46n-zU_0ELwwO6I
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e56f3d7095d918d7f937a3923d7a2fd186feb5aca8e00825ac1f882f6d6b8d

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
cf-cache-status
HIT
x-mg-request-uuid
b0d634bb-de14-4d02-ad22-0b8f94d620d6
age
17196
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1178
last-modified
Thu, 17 Feb 2022 07:02:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e0137c7db9e6921-FRA
expires
Sun, 20 Feb 2022 01:36:43 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvNDI0MDM5L2NmN2E3YmIyODU5MTQ1YzQxMGRmNjA3ZjBhNTFkOWJkLmpwZWc.webp
s-img.lentainform.com/n/10033227/80x53/0x0x826x547/ 		956 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/10033227/80x53/0x0x826x547/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvNDI0MDM5L2NmN2E3YmIyODU5MTQ1YzQxMGRmNjA3ZjBhNTFkOWJkLmpwZWc.webp?v=1645291771-UL4pgxXjySgj7SiTuweLXJEJZAqWZ4FeW8oEhT6XYd0
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13903e0eeb3f0ed9bd090d9564f6e7d516f48b09060a7db741e31dd2e7b8e79b

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
cf-cache-status
HIT
x-mg-request-uuid
5383e20c-cbb1-4815-a098-ed16a75c5030
age
17065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
956
last-modified
Sat, 19 Feb 2022 10:23:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e0137c7dba56921-FRA
expires
Sun, 20 Feb 2022 10:29:01 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvNDI0MDM5LzBkZDE3Y2JmMjQ3NDgwNjljZTY5ZTczOTM0ZjkzM2EyLnBuZw.webp
s-img.lentainform.com/n/10022340/80x53/137x0x1083x717/ 		762 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/10022340/80x53/137x0x1083x717/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvNDI0MDM5LzBkZDE3Y2JmMjQ3NDgwNjljZTY5ZTczOTM0ZjkzM2EyLnBuZw.webp?v=1645291771-Mgt32FPQYS72rhrud4Dr7tM5XsrSczR8QvogpKQxXrE
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304c53767296b186c5840c0f722928420436e7047682c5dbd518e7bf43614577

Request headers

Referer
Origin
https://www.finanz.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
cf-cache-status
HIT
x-mg-request-uuid
476aae20-17fc-43e5-8e27-354f32bbcc84
age
25997
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
762
last-modified
Wed, 16 Feb 2022 06:01:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e0137c7dba76921-FRA
expires
Sun, 20 Feb 2022 06:07:50 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:32 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:32 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame E477 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:32 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame E477 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:32 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
createjs.min.js
code.createjs.com/1.0.0/ Frame 8FED 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495765431302633189/300x600%20deDE.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:5f80:a::b212:e78b , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:44:32 GMT
300x600%20deDE.js
s0.2mdn.net/sadbundle/12495765431302633189/ Frame 8FED 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12495765431302633189/300x600%20deDE.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495765431302633189/300x600%20deDE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fae32bd2cfb6dbe394c30ac74a1b2a7887cd80b2a0ba63f91dc6e956e8c62363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12495765431302633189/300x600%20deDE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 16:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7731
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 00:17:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Feb 2023 16:46:17 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 59A5 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Feb 2022 12:53:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BCE8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BczQf-ygRYomuKtyO9u8Pqdqi-AMAAAAAOAHgBAI&bg=!-_il-LzNAAbf-5Dq3_s7ACkAdvg8WuGySZU3GvtqzbK2MeT95xi1CmN5EQ4Ze_ICNnM93JXJCk8eugIAAAEBUgAAAAFoAQcKABIRPcm8S3p_Vv3IiGEPE0dLzQCZAvzCAU4L-k6x97-45dXbPr_xN1QPVdt0G7IaqPfxGet5VXtMjChRhWMlt9_Js4HEBQnVQmM1UzkijGCNHdbofVsus7oGj270Z-XIVQHq-YHOdJaaBitsrdvKZktJiTyXEnofO6O2krIAoQ7n65OGSLCY2wZdGbxkRB603qQ1j2xSuK8_Fa2N35uKa54kk1ULbREYV_7NDVmT57nGr3KkRXlqDCiGLI4VfhHrgc474v0JhfepdsiwMdYij1qFKqC7N83k8o3l8Z6fQoLS4DztVFU2Fad038KHBsecAcmLgtxDKBPgXxLrmoNOOTd6fgkT09B2eX_eFsggeTHmatL6eWvcHHyeA_I9YlKz0eP5-GRyLijuwD42puKWboYE9_DQF0wjpxGtF0IMJqDeW1Gi0UodHuj4BWR50xwGYwi_XGHX_trj-XblPCgci7JG3IFXftosRxjNxZUvtFOBGfdQj3RJlG7XXtJ-8DYU8uwV7M08UUvTlVBmKNY3w7mTbobbibZbl5enIWn8vtEc7nKeDWjDrBZ-Ep0jO5-et5iWr3TJ4TyEcJRacfMZo3jj6z3maFeuvrB5HQIcoCSUGaTo3qrpnC1WR906ZsVfiM9RkxUVESjZnH1PSZcL8krC2wswnWnwA0Bf2VybBxDD3B_y9qtMuUTTzz5hYcVHK3PHI5SackDV7CbAz4G-etdw3ypWD0Nf89Y91hyLzz8wghjIit6sxv2jdNm-Nhzc11Vn8v7W0I_aUYmAI7GKXnge9KYKtn9BW9-In2IqhpvqrjyIrYSHG-iHTZuLUdNldvfLsaQ4KfaF7iX039D42YGPRAcxS3GI564pgzteEXVWSG38O8XpGcRUvWyT2kQNP1oSdfMIfI8ja8zHPnzXVWZ_vvO1_NnC0BYoipQFA4gX5YMQd0pxUKsL78oGLuurjwL5mj5O_WroPeIK8mgJpruHeheWZCnlkZBnllaL0aiBXiG4R-78qM4ZxR3e2v1YPUmRevy_-SpEFaj59V-iW5lzHg
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.js
cm.lentainform.com/ 		0
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.lentainform.com/i.js?&cbuster=1645291772299488198278
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/f/i/finanz.ru.628816.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e0137c8fcb05c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D20 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7LCp-ygRYrHYKraH7_UP1vqu0A0AAAAAOAHgBAI&bg=!ZmWlZSHNAAbf-5Dq3_s7ACkAdvg8WhkToCMHmDJy7l-cFIf5HuKct6xxwSk-kyXVnMF8wJn9QzdF2wIAAAD-UgAAAAJoAQeZAx4o8JF9ihO6h4p2NaUc2Fq4XMINjQQ8zqdLMxGjn4FPopYlsZMSAhrjUBWMbjUyLYOmjR-liRXBU3LO_0Oqa_dVwLXsr6wJbhUM0UTqPvJmAnkryB1GKVK_1vfechBg-NHggoGW_3KwGSZhGFY7twAjNGg5qCSQANi-Jy3uRzFSradijKEujJ8vAawnYCU16vFbgW-RKgdkL14TUaZrnayVNv6zcuF36uL6h72z77zUHxIV--AnL6G0pYM-_xAq-sDG35fiQNElUYW_L9sfxjKKbYxtPRxYePv2H3FxMOhZjaNS_5Ms_6elZ0ekLw2mH84B92XToIKmtwglWmt4D-_pkHKtK_TiL0UII5eyq3PQk9--vps9fhZUemvxzjLMd_VtJJG4MFIWb3x5AtP68NmrsJB88BcY7ZacU1qjKODdE6iLq4WDgAneoaShU8OILa7VpAPFk7ZpAuNDNu14OxT9wwu5A0LwDDhYHjhoXhFz7s4waFmAg2pv-IEXqb4801PZwX6zRxouZRClnG2RX0z2jgz1ny5twOFncnQcDKvan_mUvAjEWMgG3DLWYgFoBfA2WH3RltFnSwjVVpH3UQrnGDkrUc2f7ViCe4-88s277fC2Og2wa25YQt5E5y2n2DQxQzswDm-Y1BrtT8po_eg2i0-ArDNLhbTlux6lUFv3B_r5YSDJwaFINSrdHOld7u8H_eNs57gtvZAWG5jjOR8tL5x1LTOKOohTU_0VWVVPsPL6FANydX2a6haDsIivS6i-JbW9LapN63lkh98KN2vv2Og2jAgaYBy01uNM0FEWJjJN-SkTRKqrdKdSX3K0Ydk1EUmQtnlXC3iJWwkXYbGCof1VwJM7XnR_iL02Ea1LnV2a4uWEskZ3bZL5qBqnF_hjQyT6lwmI-AMxK_ijv-FCQMx0G2gtUB-gwWi0epj-wJVQEVStkJyM_n83Z_EMcM4lmqTZRUr7VX880yBMzSuy2sHzPH88oc_c-nUOHxb-v5n4qqkRE_S64-p1QNwClm3EPeh0ZDrYLfbrlReVneUhcuWIUYlAhac5YfZ7zXQ
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i-noref.js
cm.lentainform.com/ Frame 0BA8 		0
59 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.lentainform.com/i-noref.js?cbuster=1645291772335909711028
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/f/i/finanz.ru.628816.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e0137c91cf55c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 59A5 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3630430972408758272/VolvoNovum-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 13:52:42 GMT
x-content-type-options
nosniff
age
99410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39068
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Feb 2023 13:52:42 GMT
Volvo_Black.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 59A5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3630430972408758272/Volvo_Black.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 13:52:42 GMT
x-content-type-options
nosniff
age
99410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4824
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Feb 2023 13:52:42 GMT
Flash.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 59A5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3630430972408758272/Flash.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 13:52:42 GMT
x-content-type-options
nosniff
age
99410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3431
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Feb 2023 13:52:42 GMT
Floor_extend2.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 59A5 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3630430972408758272/Floor_extend2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 13:52:42 GMT
x-content-type-options
nosniff
age
99410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57259
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Feb 2023 13:52:42 GMT
Spritesheet_XC40_MY23_4.jpg
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 59A5 		783 KB
783 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3630430972408758272/Spritesheet_XC40_MY23_4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:34:13 GMT
x-content-type-options
nosniff
age
150919
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
801309
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 23:34:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E644 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCqOL-ygRYq2GKoOQ7_UP9OK24AEAAAAAOAHgBAI&bg=!BQalBkLNAAbf-5Dq3_s7ACkAdvg8WhltgmgkB8Z_ZZ5Yy3qYE7MMjs96_YXGZzXIKg7qAZgPJJufjwIAAACxUgAAAANoAQeZAuguAPiJDGA0MpxuxzNw7p7uiPF5h2q6-7RMjok-fM0g7N8U53_Bk6WNYHpIeNMTOdF6PYfmzrQq2FUHo3vlJtKyl6bA1gHAPbzOAfX2ui-WV6S_nMG44sTaeOtL76zCsg1BUbuoEAsAI7lJ9VhIbef8GJ__F09dh8QhptAzWLxwR99LmW3CYviiitiRcBitAtMOs5d3b-Jqd5VB2__iQuMNMYcZIufaA16_X2YgV_Bv1m9obBRbeTGdS6rlnokTVxSsI4gVSDhESV2FLYBGHPAXimQWTDakwgthHn5VEqJwknsZVnViRaIf9lnZMOXs_uJVBxZBKkkhB1BEYdtLEsHukbRheBetAciG_2SzOWxjtwRBXx9aqxFBM4kIvuKBqWkUgU0U3u47-tBusiMhnor0J1e-xUGpwpVsvEhfHetFh6CYTBB9Q_p6snO9y2fivotNbkdNEj2NY5xYwkS2HYU8N7nhagoHXqJajlNie-Rxch-8PkI-fC9YyZdWyC_br-k5c3vbdzoAFUlslc6SahaEP-lLpBSgHpRdd10GDNiWjkqpMKQpcmG323-wLplMJUNQaX0jyYGub7tH9a_-pVQCV7HMOugbnEMds6eRFkUWt7uKXYpWUzbhigAZMrun5kQB8__2j276vcq8bFz2205t6DEsoFKQt-U6Tz3IOD_DBHMsGlQuaKIB6BqQgrCZaCW4cFmi1tXk4U6zzCvZg4baXVyWdfxgxvmaXVxEMG2470_gigpzhnP8nv7d4h1ex5tAP_20Rmcsl6gDhHOoXKGzdevJYd_cDenJKgsqTkCgLhslCk2m1NpSWQKq1htkNMRsq59sc9bbRaJO2Yp51XTCg27RYIEd20Q3GuYgyuXsk4NBdNMHPqxw7Wej61auyEh-QjCpjgrOpd2Nr4QZX-QVNIL75NiRXzpKiV2MtRENlCblaiWVVasltRBDauBkydafxza5CxKunHTufzwgKi5DUD91OsiRpow
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter.php
autocounter.lentainform.com/autocreative/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.lentainform.com/autocreative/counter.php?id=466985&pid=42814&referer=http://admtax.ru/&cxurl=https://www.finanz.ru/&undefinedh2=CBvd3SiXK6CDlaashqQY2GKObZWUnufkg6hr4Su750Q*&cbuster=1645291772403371345853
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e0137c99e165c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame BAD6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsOPm-ygRYu6oK_DH7_UP_oaKwAMAAAAAOAHgBAI&bg=!bG-lbyvNAAbf-5Dq3_s7ACkAdvg8WvtHDZLec5YDq2SVJxM0TqTcHcodO9S1IkUqYcqizQDNab7A0gIAAACqUgAAAAFoAQeZAxdgxRZFy09aK8q54TZTJIeeSVROW0F2QTibm0SppvqExi2Uh09Au2RYIBuqGV6_TXWLsilFsli21rjgyCeZ5qrpob-ZkLT5hDF8f8guKy2OYbt_bRtpKUrCsgYWbIx2bqmE0AubgnuMZ4CBEX6Ev6m-6pk0tNIQsdoCTd_2C3ULWqVeIICFMlKpmP_WXndaQAAagua6CDmFCYGXNulmy3vdqtNNaFc7jHyahok6cvr50bZW3ANzwxAtU3TjAS-sa5Iq-he4XmOtcwRHzmgjt-ZzX7-DiOVrB_VgTaLEYUmG8PWBMKXFjfwdepewbmimyAH-E-snQh1S9qidEeX-6VrqGjHvCdQHVMgv9qL4nDVQtGOYm-AdeVLfmXZBiJHeVl_c5R0jmI5nESPC13PY26Z_8LPPUmE26d51xItf6ybmw1mWXaMlE4d0utyy6dMTj46n5pFZQktReafefMX3fTFVt1F_m9GXk2yrmEGXCgRONa8XuSMhK0w_pQLTTxI5eYWJw5IwK7PlxYIAn1SdrkRLlv6xfr9OM5HuTG45YSigPcLnMj1RVaP6S0bnkSYh31vGNuzXv-60DT51BYinf_5cZLgO2smK9nPZ30e6QcdReNrKRViTEjePkZF_0W2La-XHOygfSI_2quMNVin0-yOPatFHp0Kh_AOWNOouC5Rd-6PKJSlPvSMxz74nQW4yC8TK1BJRsmByi4YwvjqipWSgkC_BJS1mApG7UpGxffGamGFyTxr0hykiIACw_Rph08eLowoGb36SFXcAM1EFNYEmoTvxHliKFOhSCORD4QwkBLLckOrTx-1DsI_MkXJhLuuffnJrnOt3z4T8zFeBUC8k-9jlCt3piDlie__nQazTWqooPFL2SSRN8HteUcDDm5o5wbHq4t0AL7zZ6RAGmkGkUKcaxIvKDgloVcAZpmaOi6F5ze0mz2JwkQwlyx3TLSrMUSLRREUIy7y2SfiAHcjNY5je_-LhzaViI8P6vVMqyHWEDfAwxr4on-YVaWATLtH_9Cs4FPk9vVXnEcT7OX7e8V1CykzB4Q
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-iframe.html
cdn.viewst.com/cookie_iframe/ Frame 1ECA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.viewst.com/cookie_iframe/cookie-iframe.html
Requested by
Host: cdn.viewst.com
URL: https://cdn.viewst.com/probtn_concat.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
0796a6a94a7121e7f45108cb49731864d524282696bfa99f24e33e53ecdc897d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 19 Feb 2022 17:29:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx/1.19.6
Last-Modified
Saturday, 19-Feb-2022 17:29:32 GMT
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges
bytes
X-Server
common
Content-Encoding
gzip
X-Via
1.1 PSdgflkfFRA2gb73:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id
621128fc_PSdgflkfFRA2po75_61004-49224
getClientSettings
admin.viewst.com/1/functions/ 		154 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.viewst.com/1/functions/getClientSettings?BundleID=finanz.ru&DeviceType=web&Version=1.40.1814_02112017_dev&AZName=&log={%22type%22:%22probtnCID%22,%22cid%22:null}&DeviceUID=1645291772499-973428146&DeviceCUID=1645291772499-973428146&localDomain=finanz.ru&SelectAdSet=&NetworkType=4g&X-ProBtn-Token=b04bb84b22cdacb0d57fd8f8fd3bfeb8ad430d1b&Location[Longitude]=0&Location[Latitude]=0&ScreenResolutionX=1200&ScreenResolutionY=1600&retina=1&ConnectionSpeed=9420.8&AdditionalTargetingParam=&ButtonFromInitDuration=0.03&SessionID=1645291772529973428146ngj5h03d8g00&OriginalReferer=http://admtax.ru/&DAPROPS=CacheBuster=zib8syibi800&callback=jQuery1910645290762371747_1645291770480&_=1645291770481
Requested by
Host: cdn.viewst.com
URL: https://cdn.viewst.com/probtn_concat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.89.138.129 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
129.138.89.34.bc.googleusercontent.com
Software
/
Resource Hash
fc30f69f8f9d362ee3427f8bba67d2c26443a0e39c28126b14f7036f25371f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:32 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Probtn-Request-ID
ksaVLK
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
300x600%20deDE_atlas_1.png
s0.2mdn.net/sadbundle/12495765431302633189/images/ Frame 8FED 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12495765431302633189/images/300x600%20deDE_atlas_1.png
Requested by
Host: dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
URL: https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693d7208dff9c33a6f3d7a4ea8ec4cf9aed02a151c4bc42d28e2bad64047072d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12495765431302633189/300x600%20deDE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 16:46:17 GMT
x-content-type-options
nosniff
age
434595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72171
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 00:17:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Feb 2023 16:46:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 463B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstf16YNSojqq_uAmoqCTbJJfXVWcV5ys1idVB_J0_JWtccPBTcTzeo-jsH40wV870U5ZInKClRr8NZUzw6DdrSEs0Sp07eWwz_p9Hfom8cGG8AM1HbHHU-lJENi3mnZ40k9RckMdFQHlzxEnbiHjyO1R5Q7eKjNbwLx0lLI9POu_y56Lj5Ivl9aOE5FlguyqYCo13b1rh3PC5i6Xc2RPeLlaNw6TKOYPM_5DTWX16ZQuQyK8l9Wm5dmWFpa3GwsLomp2YAqjBzYKI8YeUYL5LI_0M4HiPrERpRn96F-waSCjXTNQbDjj3ZMy3QXoe2O9e23F0zGtWxUwQEFnNJNsueXd4RnJcJcDePi2QjV6tmA5-sxiobFx9iylQudcGKHBKATHSpT1p6TXsIQJOhULcc1GmMg6zfQ0q2xKpQfIeoWZ2qrWPlbyp4us-yeimNLv3yMCVzoBx1zZeWjJOZO-Z9xjZWaRzUw3N69CTU74MpKEQ3QA_G5w7ZtIM_Sk0QCJRMegXdx9EvDKHihh4BP-T0PGfNMIwAkdBEzUC2NaA3rN0PoXtFaupmxGQlnr0WZ5i9hF7s7Xoeet5nbz8IJo84CBbJLH90Rebkyhiyf9piXdCswH5p4ll3-ZTiOzwOdEyzbXVLVGMSv1j7ZnOjQ3PRs-YHLJF22nidwEr1pZZdxd5hlq89ZsFTZGleVG1ZJxnclDa4-8lgXwzHWiUe45DOXtl2_WozXz2KMGd_6vJ_nGLr8PjM6TBZmBjW9q7Ni705cQnjMMj4VMwNGhPMOArP97BPjhr6YrIYaC3IInk8HweMbiF_3f7XMfvH7sU4sFq_qS6KJNMBK2Qq_pNMKYLE6N3RobFoUJuzAexyjMbF-atUyNAnRv2gUxFyrhbakkq95q6V39csM8jSphS84U3p8v1aLfsXrwxD9_g4C57Ls8LTofckPUr8IpE5bwZZi-N_ygZDq8qdDm3bPGuzf5xdtmOOZV5gCqwxmhdfWi_qT-IZfm8I2WmRptmU3NwPn05p5yzOvXLq2bd_hCntYXkOG71x668uxloahu_Zyqfx_5H36ph1veq5uOlud79muUkYTpz5KzK4QUY-Q8-1g3SWe-8B4jvhvUlwNWcDIim9ETEs_AhX5AYyyo61m3R0KsZarJbbEa6xSuxn9YH3EJ48h1V5Zp_PsgZk&sai=AMfl-YTpz32fUezJZWo9K3V5qeokakC-0HqBgocaAjUo_upNjFKcO6JCmMDuTxTMTlZI3Wzz1lZYDZnFHDKiltQx7ZP31KD0IG9XXqoCQYOiREJfoNtgqxNTFtU9_jugyvBEZaIGIkEpoctJS03GwFy27ijoSPCYCRYvp52NFOE&sig=Cg0ArKJSzAeZBeqlMVo2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=762&vt=11&dtpt=519&dett=3&cstd=242&cisv=r20220216.55218&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 4DA5 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDiADKj9_POCu9ZPlUDTzvCurkRX4jC3ZUc8iVu_8wcTRJdKxuqglQLbzVPtDnhzgzZeNySiMsu0X96EhkVhsfY1lXNQmyfSBMBb7SYHSqExxXdLMiCE8NrLfgcjdM6Uq24tYvSDYhhXPWwAs-G53EH2D_mFuLkz0qb5NBYORiGtBp6f2tSErH-7olGchgD8twsh1C0dTWJnKZrSWHY9eY2H4qdF0wFI5RWhQCTsgnRN9WQv3hhQ42albpbrT5RiE39-GTp2ElZGMMow1iv9D3MAbyLzM8BhVnlbXAgruQB2QMHirS1Gs0jKuQAW4iphgK3VJM9AXAdNqwZkQEYIywm72LNqItelJxq0PzzcLQjk_LthhsZHyL8KTmN45LGflSlKXzLew19fq7pZUWxebqAQLU8jbMG0g-NfaltAuz8CpRF1A0qQK0VRabxpBksyoNsLXHS3Q6GM86LXwZK9JcCuOY_YnTdqR_StVSrfnsLo6SOUodWEU_huxxK2IXDsNCw3Xmqlz1DJoV3sc7iY9noRv67JHT71QB0OGC5eXvFwcTkTFn9IfqFJZ2edZ-JrOSw5EvLTh5nVu6r6kEiVTtGMGWbwCwRpCqmpqZuMNuzrVKy3hAaaHlz8wXVMzG5wxsOYShNBSXm5zR2f80TRqw8HEStLAmoShHmHfPevI7AlA43fLxsNI8DAY4lKNz2mH6JjIuUhllqhI9FJioFL7Gqkt6AZ8ilZsP1j2nW2P2epGnDG9nt-Pg9hCkSf_flpxqE2opRztlk6AGwvgleiX1FAq6LywAIP3KTdF8nqFbStHkx_owiYkXzijg57rqVHWPyiUikYCbTP6Vg1EKQiI_23gtgeNVDx4zghLF5bObD4EBCijHiAlqTIFU5_HqF7HaQ38WzSdgfp8mSV2xk8FS7oNTEzfKUBwu6jeDfeev8naqrJIse1ahloqoDX5SMM-ahzyDChA-RBinjF7HNQxsJnrOZ4Mp-42sSeSl6v4cq7niFjbtA5hjTaC5fJCNvqku76BaOEdkFXhZSHC94Fg4utu_oafudLXTiVNiOP_t_K5EVGq3eP-Mum5uwH3Bnpw-EXXaRMNSuQ695ab9cYpNNUxbWvUYoKlcxm4rZDMreEY-zHf9Ccfpthh8h8406QGE-KSXDPcSfRQKLptjo71wHryE&sai=AMfl-YTntuICT1e5AKl27Tg7QrqrDkT0AmyvTwud_K_UtSsOHVjgmp1GITrUAPlx3zXUXRk0uhEvmXAkdTM5W4MM0T_S6GQIBzYspjO3vEkvQZPPCvVBZeuD_LQAIT637JJnoPwRH_onVBxhhi9oulWBELZ1rCS5jEivYZdVX4o&sig=Cg0ArKJSzA9Z3lj7Y0KREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=844&vt=11&dtpt=559&dett=3&cstd=283&cisv=r20220216.25898&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: admtax.ru
URL: http://admtax.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad
v.lkqd.net/ Frame C560 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=93067074&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b9b03ff56303978a39256736c6331757485c83fb86cacfb99742fe6e8ffe36a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
pixel.js
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)
  • https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)&pid=PROBTN&js=1&show_js_referer=1&bounce=1
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)&pid=PROBTN&js=1&show_js_referer=1&bounce=1
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
b76f1136c7df32cec4e76bbbdf9f125a6c3e256e3afd0f30bf6a8eaca3b0b782

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript
expires
Sat, 19 Feb 2022 17:29:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
last-modified
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)&pid=PROBTN&js=1&show_js_referer=1&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 19 Feb 2022 17:29:31 GMT
pixel.js
x01.aidata.io/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)&url=https%3A%2F%2Fwww.finanz.ru%2F&is_js_referrer=1&origin_referrer=http%3A%2F%2Fadmtax.ru%2F
Requested by
Host: x01.aidata.io
URL: https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
4da9b59ddae6b4e84277ad466cd3106ceeca45389029cd77eab1a4e8a05fae40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 17:29:31 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript
expires
Sat, 19 Feb 2022 17:29:31 GMT
truncated
/ Frame 5C22 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb35c79834db896d432df27e3013ae05b2e6607385b921ed40203962d5555a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 5C22 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:31:14 GMT
x-content-type-options
nosniff
age
251899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 19:31:14 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 141D 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:32 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1645291772.cds262.am5.hn,1645291772.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
truncated
/ Frame E7AC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7031e6294b34d9207f27d4ae97d11251c5250008b2031c12057fa1aad16113

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame E7AC 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:14:29 GMT
x-content-type-options
nosniff
age
342904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 18:14:29 GMT
truncated
/ Frame 4574 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e38cf644ddf1d97ee0573a10cef3580b8d4e477aeb94b2bc1fcb9df17f4545a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4DA5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71e5baae4f23e9cfc6c990975135d6f9b6923694d1cebc1010ea96c1f4221963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 463B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2fc555789e6d029dd42a50a1e9ff8b9b8245ecc35c733e20683c4048034cb64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C22 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCjkIBCo1cmRhX2Fndl9pbnMsbXlzaWRpYV9hbmFseXRpY3MscGVyZl92aWRlb19jb250cm9sMl8xMHAKDRAQIQAAAAAgPuFAMAQKDRARIQAAAAAANtFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAwMzM4KJAMAQSGkNQSGRwN3lsalBZQ0ZWRUU0QW9kQ2F3Rkl3IhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cb16f0f75ea5aac7d9337968f48dc02d.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B46C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b49b979ff7793e860d174c660cf8228782672e7e5961002e6cde8a8f61208f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
usync.html
ad.lkqd.net/cookie-sync/ Frame D848 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291773.cds262.am5.hn,1645291773.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 141D 		73 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=93067074&m=&rtv=1&thost=www.finanz.ru
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
4846a37eef8adcdeb0b63f60409461f3bfe9b25bc5540bc6f4be5cb6c87b2051

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5063
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=93067074&m=&rtv=1&thost=www.finanz.ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:33 GMT
content-length
0
access-control-allow-origin
https://www.finanz.ru
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
downsize_200k_v1
tpc.googlesyndication.com/simgad/10532302689316299079/ Frame E7AC 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10532302689316299079/downsize_200k_v1?w=400&h=209
Requested by
Host: www.finanz.ru
URL: https://www.finanz.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4775ac96f4c276cc822fa183b4b7fdac23da1d32c4d4ab8e7cf7fce5f683cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:17:38 GMT
x-content-type-options
nosniff
age
15115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14217
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 17:57:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Feb 2023 13:17:38 GMT
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame CDE8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=7048560808&adk=653482185&adf=1280998658&pi=t.ma~as.7048560808&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770385&bpp=1&bdt=421&idt=159&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=540x180&correlator=6315536641621&frm=20&pv=1&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aJSwSnNzjI&p=https%3A//www.finanz.ru&dtd=161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 16:21:38 GMT
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame 57BA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438736351765938&output=html&h=180&slotname=4095094400&adk=2814048725&adf=1109042699&pi=t.ma~as.4095094400&w=540&lmt=1645291770&num_ads=3&psa=0&format=540x180&url=https%3A%2F%2Fwww.finanz.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645291770382&bpp=3&bdt=418&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6315536641621&frm=20&pv=2&ga_vid=1980672137.1645291771&ga_sid=1645291771&ga_hid=1298879455&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31063247%2C31063982&oid=2&pvsid=4126276822509684&pem=207&tmod=710512184&uas=0&nvt=1&ref=http%3A%2F%2Fadmtax.ru%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=R49ez44d7T&p=https%3A//www.finanz.ru&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 16:21:38 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8B08 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/ClickPerformance/RUS_Home.release.js?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 19 Feb 2022 17:29:33 GMT
Age
48365
X-Served-By
cache-lga21975-LGA, cache-hhn4058-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 727740
X-Timer
S1645291773.283598,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 848C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: script.finanz.ru
URL: https://script.finanz.ru/Content/Scripts/ClickPerformance/RUS_Home.release.js?v=025391ce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 19 Feb 2022 17:29:33 GMT
Content-Length
1388
Connection
keep-alive
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C22 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCjkIBCo1cmRhX2Fndl9pbnMsbXlzaWRpYV9hbmFseXRpY3MscGVyZl92aWRlb19jb250cm9sMl8xMHAKDRAUIQAAAACAGuZAMAQKDRAVIQAAAAAAADFAMAQKDRAWIQAAAAAAACJAMAQKDRAYIQAAQGZmXKRAMAQKDRAyIQAAAAAwM9M_MAQKDRAzIQAAAAAwM9M_MAQKDRA0IQAAAAAwM9M_MAQKDRA1IQAAAAAwM9M_MAQKDRA2IQAAAAAwM9M_MAQKDRA3IQAAAAAwM9M_MAQKDRA4IQAAAJCZ2UdAMAQKDRA5IQAAAM3MnIBAMAQKDRA6IQAAAM3MPIFAMAQKDRA7IQAAAAAA4KJAMAQKDRA8IQAAAAAA4KJAMAQKDRA9IQAAwMzM4KJAMAQKDRA-IQAAAAAATKRAMAQKDRA_IQAAQDMzTKRAMAQKDRBAIQAAwMzMYKRAMAQSGkNQSGRwN3lsalBZQ0ZWRUU0QW9kQ2F3Rkl3IhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cb16f0f75ea5aac7d9337968f48dc02d.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame F4D8 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:33 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
async_usersync
ib.adnxs.com/ Frame 8B08 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5301ac8f-06d9-406a-a012-6e8a7afa9336
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 850D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
409e352c9c9db3dde59ea63de66b44133269b309497459d01162ae0cf49d6a37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|46|13|5|130|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Sat, 19 Feb 2022 17:29:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Content-Length
1608
Connection
keep-alive
cs
cs.lkqd.net/ Frame D848
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=93c3b088-e6b8-404b-af7e-f952a426df64
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=93c3b088-e6b8-404b-af7e-f952a426df64
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=93c3b088-e6b8-404b-af7e-f952a426df64
date
Sat, 19 Feb 2022 17:29:33 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame D848 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D848 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D848
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame D848
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Date
Sat, 19 Feb 2022 17:29:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=209663023&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1422987349&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=710591250&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C57522%2C1%2C822368641378459616530707989,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.finanz.ru
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1645291773311028-594
Expires
Sat, 19 Feb 2022 17:29:33 GMT
vtag
vast.emxdgt.com/ 		27 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.finanz.ru%2F&maxduration=119&skip=0&site.domain=finanz.ru&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F98.0.4758.80%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.114.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-114-40.compute-1.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:33 GMT
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.finanz.ru
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
27
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1207381516&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=2112684854&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C57522%2C1%2C8223686413784596165237916526%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
47e20fbe6a0b59d0f096a20a7e42e3f143494dc399426255e4c9743af9afed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.finanz.ru
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1645291773267073-516
Expires
Sat, 19 Feb 2022 17:29:33 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?_fw_gdpr=0&_fw_us_privacy=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C57522%2C1%2C8223686413784596165125560952,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bcd7ff8390c5c4e6ffd89e1b9e374f1dc7ba16c035bcfbe65a11f0e3ea4e2c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.finanz.ru
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1248
x-sticky-vk
1645291773260068-363
Expires
Sat, 19 Feb 2022 17:29:33 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=248725268&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
casale
match.adsrvr.org/track/cmf/ Frame 850D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 850D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 850D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J3D0TZKPXFYTFN7MJZGN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1DWFXR4MXJN03BFKK7HW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 850D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 850D
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 17:29:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Sat, 19 Feb 2022 17:29:33 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
ix
ad4m.at/ad/sim/ Frame 850D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 850D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE75E7EIlIAAAQ9W6hGrw&expiration=1646501373&gdpr=1
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE75E7EIlIAAAQ9W6hGrw&expiration=1646501373&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 17:29:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE75E7EIlIAAAQ9W6hGrw&expiration=1646501373&gdpr=1
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 850D 		43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YhEo-ymEOrOohAr7EYs3TQAABKAAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:c696:f562:c9de:84f6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 850D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YhEo.ymEOrOohAr7EYs3TQAA%261184
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:33 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2487
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 18:11:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acbbfc9477aaa4e1320740d3a486176e060b15eef8c499ca413c94aeb5f3a56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 17:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9814
x-xss-protection
0
stats
x01.aidata.io/ Frame C1D4 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/stats?pixel=PROBTN&v=Sat%20Feb%2019%202022%2017:29:32%20GMT+0000%20(GMT)&url=https%3A%2F%2Fwww.finanz.ru%2F&is_js_referrer=1&origin_referrer=http%3A%2F%2Fadmtax.ru%2F&pid=PROBTN&js=1&sid=91e95ddc758b4353a7ff596c3972adc9&__upin=b3+/hydCPhbmMJ6JdJlDJw&id=1645291772499-973428146&url=https%3A%2F%2Fwww.finanz.ru%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22http%3A//admtax.ru/%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
0.gif
x01.aidata.io/ Frame C1D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm
  • https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEEsj-uLcUElXSm8yIXnLkKs&google_cver=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEEsj-uLcUElXSm8yIXnLkKs&google_cver=1
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sat, 19 Feb 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEEsj-uLcUElXSm8yIXnLkKs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
310
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.gif
x01.aidata.io/ Frame C1D4
Redirect Chain
  • https://px.adhigh.net/p/cm/aidata?u=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC
  • https://px.adhigh.net/p/cm/aidata?u=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC&bounced=1
  • https://x01.aidata.io/0.gif?pid=GETINTENT&id=usS079tafQKH.AikABlF_EwggKQ&back=SYNC
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=GETINTENT&id=usS079tafQKH.AikABlF_EwggKQ&back=SYNC
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:34 GMT
last-modified
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sat, 19 Feb 2022 17:29:33 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://x01.aidata.io/0.gif?pid=GETINTENT&id=usS079tafQKH.AikABlF_EwggKQ&back=SYNC
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
0.gif
x01.aidata.io/ Frame C1D4
Redirect Chain
  • https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sat, 19 Feb 2022 17:29:32 GMT

Redirect headers

Location
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
324
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
0.gif
x01.aidata.io/ Frame C1D4
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC
  • https://sync.crwdcntrl.net/map/ct=y/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=b3%2B%2FhydCPhbmMJ6JdJlDJw&back=SYNC
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=b3+/hydCPhbmMJ6JdJlDJw&back=SYNC
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LOTAME&id=b3+/hydCPhbmMJ6JdJlDJw&back=SYNC
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sat, 19 Feb 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://x01.aidata.io/0.gif?pid=LOTAME&id=b3+/hydCPhbmMJ6JdJlDJw&back=SYNC
cache-control
no-cache
x-server
10.45.21.17
content-length
0
expires
0
0.gif
x01.aidata.io/ Frame C1D4
Redirect Chain
  • https://sync.bumlam.com/?src=aid3&uid=b3%2B%2FhydCPhbmMJ6JdJlDJw&s3_subid1=SYNC
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj90cSQBlIF-YW-5QRiFmIzKy9oeWRDUGhibU1KNkpkSmxESneqBgRTWU5D
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj90cSQBlIF-YW-5QRiFmIzKy9oeWRDUGhibU1KNkpkSmxESneiARCA2S46kakR7KbpACWQyCQ3qgYEU1lOQw**
  • https://sync.bumlam.com/?src=aid3&s_data=CAIQABj90cSQBmIWYjMrL2h5ZENQaGJtTUo2SmRKbERKd6IBEIDZLjqRqRHspukAJZDIJDeqBgRTWU5D
  • https://sync.bumlam.com/?src=aid3&s_data=CAIQARj90cSQBmIWYjMrL2h5ZENQaGJtTUo2SmRKbERKd6IBEIDZLjqRqRHspukAJZDIJDeqBgRTWU5D
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=80d92e3a-91a9-11ec-a6e9-002590c82437&back=SYNC
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=80d92e3a-91a9-11ec-a6e9-002590c82437&back=SYNC
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sat, 19 Feb 2022 17:29:32 GMT

Redirect headers

Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//x01.aidata.io/0.gif?pid=ADSNIPER&id=80d92e3a-91a9-11ec-a6e9-002590c82437&back=SYNC
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
0.gif
x01.aidata.io/ Frame C1D4
Redirect Chain
  • https://cm.p.altergeo.ru/aidata?aid=b3%2B%2FhydCPhbmMJ6JdJlDJw&nc=5721&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3DSYNC
  • https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMS7zpWcEKSmeygNmE2wtGqA==&rnd=83f87ce4&back=SYNC
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMS7zpWcEKSmeygNmE2wtGqA==&rnd=83f87ce4&back=SYNC
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sat, 19 Feb 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMS7zpWcEKSmeygNmE2wtGqA==&rnd=83f87ce4&back=SYNC
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
0.gif
x01.aidata.io/ Frame C1D4
Redirect Chain
  • https://an.yandex.ru/mapuid/dmpaidatame/b3%2B%2FhydCPhbmMJ6JdJlDJw?sign=1863410381&location=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC
  • https://x01.aidata.io/0.gif?pid=SYNC
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=SYNC
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sat, 19 Feb 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 17:29:33 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://x01.aidata.io/0.gif?pid=SYNC
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 19 Feb 2022 17:29:33 GMT
cm.gif
ad.mail.ru/ Frame C1D4 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=18&id=b3%2B%2FhydCPhbmMJ6JdJlDJw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:33 GMT
Last-Modified
Sat, 19 Feb 2022 17:29:33 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sat, 19 Feb 2022 23:29:33 GMT
counter
top-fwz1.mail.ru/ Frame C1D4 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?id=3202981;pid=b3%2B%2FhydCPhbmMJ6JdJlDJw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C1D4
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D2719420%26id%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D2719420%26id%3D%7BWEBO_CID%7D&bounce=1&random=374262206
  • https://x01.aidata.io/0.gif?pid=2719420&id=mRC6LJjbibYCR2TjP74VZ.
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=20316&external_id=b3%2B%2FhydCPhbmMJ6JdJlDJw
42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=20316&external_id=b3%2B%2FhydCPhbmMJ6JdJlDJw
Protocol
HTTP/1.1
Server
81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad16.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 17:29:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=20316&external_id=b3%2B%2FhydCPhbmMJ6JdJlDJw
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 19 Feb 2022 17:29:32 GMT
pixel.js
x01.aidata.io/ Frame C1D4 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/pixel.js?pixel=PROBTN&id=1645291772499-973428146&url=https%3A%2F%2Fwww.finanz.ru%2F&v=Sat%20Feb%2019%202022%2017:29:33%20GMT+0000%20(GMT)&is_js_referrer=1&es_name=GA&es_uid=1980672137.1645291771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 17:29:32 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript
expires
Sat, 19 Feb 2022 17:29:32 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:33 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:33 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame F4D8 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame F4D8 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1298879455&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.finanz.ru%2F&dr=http%3A%2F%2Fadmtax.ru%2F&ul=en-us&de=UTF-8&dt=%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%3A%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%2C%20%D0%BE%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%80%D1%8B%D0%BD%D0%BA%D0%B0%2C%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B8%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%20%D0%B2%20%D1%80%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20finanz.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ScrollDepth&ea=%2F&el=10%25&_utma=2796199.1980672137.1645291771.1645291771.1645291771.1&_utmz=2796199.1645291771.1.1.utmcsr%3Dadmtax.ru%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F&_utmht=1645291773838&_u=aAjCAAABAAAAAC~&jid=1586471497&gjid=481091870&cid=1980672137.1645291771&tid=UA-44951833-1&_gid=559121776.1645291771&_r=1&gtm=2wg2g0PJ8B96&z=681338613
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4438736351765938&plah=www.finanz.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 17:29:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D24 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Feb 2022 15:28:13 GMT
expires
Sun, 19 Feb 2023 15:28:13 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
7281
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9C79 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
73a76abeaf3c9aae4420aeda38d3dffdadd4cb215f182ee038f5fe61ad3ce34b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vNgDSW+LkkVM5KG81cZU/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Feb 2022 17:29:34 GMT
date
Sat, 19 Feb 2022 17:29:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vNgDSW+LkkVM5KG81cZU/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame 7D24 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 16:21:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4574 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsust5sa7WwXcptu0M1X4t33bvtV3SkJBENaRY3nQmo8MXYlBj4E1wrs6RBscrK7BJ5ppsygcNXla7vEWxE0BGTeOZnzClIgng3MeB7zsCGa5NgIm-GElA&sai=AMfl-YR4oEG1pWWERXByrsWhZgm6JFrfkZi2bRy0omUaLwUqNMBUjQq_wv_0VLgV_c2FBp90selapy1z9RnICy8mrJSxPnJEMRHjgdyPaW9ftQH8wCqannhxMJGfULJhiXks&sig=Cg0ArKJSzAii0taRC1yXEAE&cid=CAASFeRoePr1comzWDSDOE8vMDjG-DDKZw&id=lidar2&mcvt=1007&p=0,1255,600,1555&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3240497728&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645291771553&rpt=1476&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4DA5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuw0XhsTmFzOD9Y4ZqPXTERBV33iBxE1zjoFweqnTXFsDHEilJgpixRKHeOgeTzH-1Hg925W1lDItk8kH7jv7BnRx1hjrospHFy_oDJvuujgijm1yvAfA&sai=AMfl-YR_1tgGAk9zae9cFNeRha4g-Goqp6bBBA4h0lD_uido9qbOiSewOjLaoMlMPwKNHh9Pd0nPfipLKFb5H_JKIIyCrfzh1g10gz3abQPEg6BshWnrCbjvqUwt5bUNcmPW&sig=Cg0ArKJSzAZ7NFwsczegEAE&cid=CAASFeRoVXcMBTgOdNGECp5hMbqZ8LaTZw&id=lidar2&mcvt=1009&p=214,436,304,1164&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=758058001&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645291771550&rpt=1494&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 463B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKgP2X12TxGbL6lW8KioCWYp8X8DP4yl2fVkOGblwkpYGT9e5W985DhVd71pnFISaP8AvvVVXc63xOUuyAtKZ5jZjsKy64D-jA2ZMbbjIcIB2d-IUWsw&sai=AMfl-YSp6duvYV433ledSTCQ2tM7KNVU1t3m3eWU4-TMD31dErj_L0zWGnHRLwpVGbBp8Sbn7kPWuEb5COd6r2HV_uyifp4EKIOjqNFmTTFjg1yvY8zKyRLnvd4IHQ1ByGu-&sig=Cg0ArKJSzNfNIXqTnZjcEAE&cid=CAASFeRozaivdJrIj0TMJOjIobi_O9bGBA&id=lidar2&mcvt=1010&p=606,940,1206,1240&mtos=0,1010,1010,1010,1010&tos=0,1010,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=2335346956&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645291771559&rpt=1495&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B46C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstzhk2WMnDFX3TWG18QDP-mVI9Cl6-bO8YSAfAqboCeaoEIuZyG5gwlaEbWBKMb_5LzQLy0akbmJbQSv6uRaKHcomtwDSLpVRvOozoMcU2rLhWKw6ylA&sai=AMfl-YTORvA9E8VCNGNI9vlWbCezAYYzsItDQKJYvFVXXoD1crWq747KKrOUz7Di6Sy-ykDvbPBwg_h6jX9jFbZLLstCpEdg6I6oXTDo0bnrZ__GZ-3FcvFJqMjuSdK2SxTS&sig=Cg0ArKJSzJ1pxNzqnO_9EAE&cid=CAASFeRo-A8eUaQSb7Ma8dafUmkm7L0PAQ&id=lidar2&mcvt=1000&p=0,45,600,345&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1234063177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645291771556&rpt=1523&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=4126276822509684&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7D24 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=4126276822509684&bg=!h4SlhMDNAAbf-5Dq3_s7ACkAdvg8WvjRTQNF_pKfGOW28TpnDm6Zwq9EnkT4RHEK8C5lNgRNCvHGmQIAAAB5UgAAAAFoAQcKAFGwGNWnJYtxZ_qN2OogDgx8YvBAevvCJEWUmvwxIOx-ggiuSrBvRmNYMYELBqBufSPSo1Fda5BoTWQN8qrD8vkLAxF_hcblNSS4ThHsGIhLWiKZAsQ2_M45Wj2VqrM4SQSStKz5PQbCnQEAFFFP1iMG15bUomt61BWcNQ-lIOE_tNPAYajYAg_RxCYIHhlN02kECEnxaJXOf5p0SfBSg-OaHr3ivOjXaZPq-qMvc08Yc6RvOADZI0SXwqaXsiNon5ItrNnsY99P2gu1tbPZ3Gge2eoBfqJHiGJJ98XAtGbVLMuwlEZfuosuCqg7daE0ran--sLmHRgFoeoiaTpwKT9b3WEsJ59zIV1X-32HR0UXg72i1NhK5ysxeAQRafZ0nkt9sQF7-Ruk-7jSwXtB4KMcq39Mf9QYUcYWW3g_DQFOeB-tdK0dgLaCmuZ1V5ASrojUt4KC-U04xaOj3Jcqml8ERf5_evSIGOzqsxX2tt4yCUEIur5vr5SjOcdGw2Q46B-DF67yW4ZiCXaQHO9jzTOP0uXvllV5YDSx9wpXN7DUbboktMfkojrXeIjW10YLmd4AbNwqRFu9NVa2TSU4DVSqBW5zBwpI7QM976XD5krK_lmydi7urCKg1XNTEfGx4XVHGsVa4WUL2HydRB7d9-_i50bWnHk6phVwI7MXi-kun3kaDrdT1_4_hUnRVL1tc0wg5uONtGqvj0YWcLcb7CGJRr0aO6cvTFQCRqZAWYWzRKHUIBxRIxabmQp54MEw5BzwjcE2nYo7rmIRm0MMrk5unKuquaWrPe2FBEq8kMpnPubSEDxraPj7b9ylwWgLZea3djOYpKQ8qHDLEaIE1WXr-9YbrQ0BB8gFGEiT5oUPNMCqiP4idt8EZ-WnGVt7C7xb6L61i77h3ucmMdpy_vnqOiSrWPqIsdNFGvP6yfEbVWLozfmiMtfk95QAEno1XhPLuj7MCQabtIIEokKe6u421x49nRYUB_zmmtc5ThQCA7YxEqi_fqocKtEClVLqYUvHbRJV5CtAIYsTVlBnlPRKLzRSX4wTGOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
v.lkqd.net/ Frame C560 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=97995722&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
cb1115abd2b3ba331f65696e403e1a18a0227ed20e13a444b6c581099ad8e59a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
async_usersync
ib.adnxs.com/ Frame 8B08 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 17:29:34 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cb243d2c-6673-4608-85aa-c9b7320a8b8e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame E3D0 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1645291774.cds262.am5.hn,1645291774.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 18F3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291774.cds262.am5.hn,1645291774.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame E3D0 		19 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=97995722&m=&rtv=1&thost=www.finanz.ru
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
ffb7e451a07969a82613bc3afc74ea3c720c04453d4c71eefcb4f80c700e2404

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3252
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=97995722&m=&rtv=1&thost=www.finanz.ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:34 GMT
content-length
0
access-control-allow-origin
https://www.finanz.ru
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame 18F3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5f5dd4f7-b146-45ba-8fa8-ae0608fc4199
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5f5dd4f7-b146-45ba-8fa8-ae0608fc4199
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5f5dd4f7-b146-45ba-8fa8-ae0608fc4199
date
Sat, 19 Feb 2022 17:29:34 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 18F3 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 18F3 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 18F3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 18F3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Date
Sat, 19 Feb 2022 17:29:34 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 1139 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:34 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1333945049&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=496542262&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:35 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:35 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame 1139 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 1139 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame C560 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=98790486&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
4df4769895b97dc6e4da551cd5f517c3c9a328e2416dff66a25197c0d738b22d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:35 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1360
vpaid.js
ad.lkqd.net/vpaid/ Frame D61E 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:35 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1645291775.cds262.am5.hn,1645291775.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame BFDB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:35 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291775.cds262.am5.hn,1645291775.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame D61E 		26 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=98790486&m=&rtv=1&thost=www.finanz.ru
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6c6f36a7bb0fb38cb4cfa347a369bf96badd10548ce7d6b38f0542fd65a6362e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 17:29:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3542
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=98790486&m=&rtv=1&thost=www.finanz.ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:35 GMT
content-length
0
access-control-allow-origin
https://www.finanz.ru
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame BFDB
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6787ef86-0505-435a-a717-b1ad879b96a8
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6787ef86-0505-435a-a717-b1ad879b96a8
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6787ef86-0505-435a-a717-b1ad879b96a8
date
Sat, 19 Feb 2022 17:29:35 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame BFDB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame BFDB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame BFDB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame BFDB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Date
Sat, 19 Feb 2022 17:29:36 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame EE21 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:36 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
av
vidoomy-d.openx.net/v/1.0/ 		48 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.finanz.ru%2F&cb=1374796451&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57522%2C1%2C9210305144951043199436577340,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:36 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.finanz.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=228683044&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1763728171&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:36 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:36 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame EE21 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame EE21 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame C560 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=70552751&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
4b9a43debbaf8612b5b45d027ee24ccf4ee6573631ea7af355afafab0ca756ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1357
vpaid.js
ad.lkqd.net/vpaid/ Frame C46A 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1645291777.cds262.am5.hn,1645291777.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 81C9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291777.cds262.am5.hn,1645291777.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame C46A 		26 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=70552751&m=&rtv=1&thost=www.finanz.ru
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
4865999306e03fabaac46750655bd7583d265c8bb87626586ecbc698af0bf4a9

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3553
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=70552751&m=&rtv=1&thost=www.finanz.ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:37 GMT
content-length
0
access-control-allow-origin
https://www.finanz.ru
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame 81C9
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40869b30-8c8c-441e-a57e-a4c83e98beda
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40869b30-8c8c-441e-a57e-a4c83e98beda
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40869b30-8c8c-441e-a57e-a4c83e98beda
date
Sat, 19 Feb 2022 17:29:37 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 81C9 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 81C9 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 81C9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 81C9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Date
Sat, 19 Feb 2022 17:29:37 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 6AC8 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:37 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.finanz.ru%2F&cb=2098879988&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57522%2C1%2C2291140124826894766776033636,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:37 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.finanz.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=432268388&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1575418927&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
t
t.lkqd.net/ Frame 6AC8 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 6AC8 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.finanz.ru
date
Sat, 19 Feb 2022 17:29:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
ad
v.lkqd.net/ Frame C560 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=93758243&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d9fb16b39aea69dda9cb40f26a720b6a1952d930bea8729cdc1d0291deb1f43b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1357
vpaid.js
ad.lkqd.net/vpaid/ Frame 1FFC 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1645291778.cds262.am5.hn,1645291778.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 4392 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
content-encoding
gzip
content-length
1882
content-type
text/html
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges
bytes
etag
"952dcfd8e3703b5a7e78418d51009535"
cache-control
public, max-age=1209600
x-hw
1645291778.cds262.am5.hn,1645291778.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 1FFC 		46 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=93758243&m=&rtv=1&thost=www.finanz.ru
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f08b26627b721453cd24092215ede05379373acb01198db79b8e124d9f1be1c8

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.finanz.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4107
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1116304&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.finanz.ru%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C57522%2C1%2C&c4=&c5=&c6=57522&rnd=93758243&m=&rtv=1&thost=www.finanz.ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.155 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:38 GMT
content-length
0
access-control-allow-origin
https://www.finanz.ru
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame 4392
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c935eba8-bf5b-4879-b883-31d3f67664b6
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c935eba8-bf5b-4879-b883-31d3f67664b6
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c935eba8-bf5b-4879-b883-31d3f67664b6
date
Sat, 19 Feb 2022 17:29:38 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 4392 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4392 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4392
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2564713738127901124
pragma
no-cache
date
Sat, 19 Feb 2022 17:29:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 4392
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:29:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N00pconvTC9DQhXt5V19T7nVm6U
Date
Sat, 19 Feb 2022 17:29:38 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame D6DD 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.finanz.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Feb 2022 17:29:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.finanz.ru
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.finanz.ru%2F&cb=458026986&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57522%2C1%2C8181520086065803292653589487,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 17:29:39 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.finanz.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		0
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		0
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		0
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads.adaptv.advertising.com/a/h/ 		0
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1043505510&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.16.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-16-12.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.finanz.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?lq-hog
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=120332331&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1969363059&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=226832271&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=361509704&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.finanz.ru%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57522&hp=1

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 function| structuredClone object| adHandler object| FinandoJsEnvironment boolean| isDevelopmentMode object| idleNotify function| preBidLibraryForFramework object| _0x119e function| _0xa73e object| pbjs object| googletag function| changeColorRed function| changeColorBlue undefined| intBoxTyp undefined| google_ad_channel string| google_ad_client undefined| google_ad_type undefined| google_feedback undefined| google_language undefined| google_max_num_ads undefined| google_skip function| google_ad_request_done function| setDynamicAdboxTyp function| setDynamicAdboxTypSkip function| silentTrackPI function| flink function| manageTabNavigation function| listItemClick function| moveTabNavigation function| absoluteWidth function| dynamicFontSize function| setListClickEvent function| setDropDownEvent function| oeffneNeuesFenster function| submitForm string| exorbyteLogo number| mm_refcnt object| mm_inputs string| mmUA boolean| firefox boolean| opera boolean| ie undefined| ieVersion boolean| ieZIndexBug number| mm_flashtime number| mm_qtime boolean| mmIgnoreFirstMouseEnter number| AS_NOLOGO number| AS_NOSUBMIT number| AS_TABSELECTS number| AS_DISPLAY_INPUT number| AS_HIERARCHICAL number| AS_GROUPED number| AS_GROUPED_DISPLAYCAT number| AS_GENERATED_CATEGORIES_NOT_SELECTABLE number| AS_NO_ROOT function| mmSuggestParams boolean| MM_DOWNDIR boolean| MM_UPDIR function| sortFirst function| sortLengthLonger function| sortLengthShorter function| mmDoBlur function| mmDoFocus function| mmPageNavig function| mmGetPageNavig function| mmCheckKey function| mmCancelEvent function| mmDoFieldKeyDown function| mmGetXMLHTTP function| mmGetParentProps function| mmSelectRow function| mmMouseEnter function| mmSubmitString function| mmSetDivSize function| mmUnflash function| mmFlash function| replaceHTMLEntities function| mmRedirectClick function| mmFillDiv function| mmSuggestDeliver function| mmCallSearch function| mmQReplace function| mmDoSearch function| callInProgress function| mmDoSuggest function| mmNotifyError function| mmOverlapsObject function| mmShowSuggBox function| mmHideSuggBox function| mmOnResize function| mmCreateBox function| SetupMMSuggest function| SetupAutoSuggest function| enableAutosuggest function| MMNode function| mmGroupedPreFunction function| mmGroupedRowFunction function| mmGroupedOnActivate function| mmHierarchicalPreFunction function| mmHierarchicalRowFunction function| mmHierarchicalOnActivate function| arrSelectbox function| mmssetup function| sortCategories function| customGroupedRow function| customOnActivate function| borderBox function| convertStandardDecimalToLocalDecimal function| convertLocalDecimalToStandardDecimal function| getCookie function| getNewsTopRankingAd function| isAdServerAdAvailable function| toUserTimeZone function| AjaxLoader function| AdFox_getCodeScript function| is_touch_device number| idleTime string| cookieName boolean| isCookieSet boolean| notified number| unixTimestamp function| timerIncrement function| showNotifyPopup function| getDontIdleNotifyCookie function| setDontIdleNotifyCookie object| Validation function| $ function| jQuery function| trackPI function| DP_jQuery_1645291770108 object| Modernizr string| timestamp number| currentUserTimeZoneOffset number| utcTimeOffsetToApplication string| isApplicationTimeByUser object| dataLayer function| pbjsChunk object| _pbjsGlobals function| changeRoute function| updateNewsTable object| pcodeJsonp54802JfLzM7qPGC object| Ya number| pr object| __activeTestIds object| __pcodeAllActiveTestIds object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| ad number| adWidth string| google_ad_slot object| google_ad_size object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| postscribe object| google_tag_manager_external object| google_tag_manager string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| google_tag_data boolean| yandex_context_perf_logging function| probtn_callPlayer object| probtn_hpmd function| htmlParser function| UAParser object| probtn_ButtonContentType object| jQuery1910645290762371747 object| $sf object| yaSafeFrameAsyncCallbacks function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData function| changePage object| d object| script628816 object| mg_ws628816 object| fastXDM object| VK function| highlight function| rate string| mmURLBase string| mmURLIcons function| convertDateTimeToLocalDateTime object| InstrumentPageRoutes object| InstrumentTypeNames object| _gaq object| MDSnG object| JSON3 object| mdsngStarter object| clientApi object| tnscounter_callback string| currentRoute object| webPushSettings function| callPlayers function| __tcfapi_8928924878912 object| lkqdSettings object| vpaidLoader object| objCurrentList number| pos_last_hidden_element object| jQuery15106090674247863288 object| arrDimSelectbox object| oldResize function| WebPushLogger function| WebPush function| FcmWebPush function| WnsWebPush object| config string| firebaseAuthorizationKey object| logger object| webPush object| fcmWebPush object| wnsWebPush object| core object| firebase object| TNS object| tnsCounterForbes_ru object| _gat object| _mgIntExchangeNews object| LentaInformInfC628816 function| LentaInformCContextBlock628816 function| LentaInformCMainBlock628816 function| LentaInformCInternalExchangeBlock628816 function| LentaInformCRejectBlock628816 function| LentaInformCInternalExchangeLoggerBlock628816 function| LentaInformCObserverBlock628816 function| LentaInformCSendDimensionsBlock628816 function| LentaInformCRtbBlock628816 function| LentaInformCContentPreviewBlock628816 function| LentaInformCResponsiveBlock628816 boolean| mg_loaded_322519_628816 object| lkqd object| mobile_blocked_mfs function| lkqd_http_response number| newValue object| onClickExcludes function| mgReject628816 function| mgLoadAds628816_00e12 function| LentaInformCReject628816 function| LentaInformLoadGoods628816_00e12 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint322519 string| _mgPvid boolean| _mgPageView322519 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests undefined| jQuery1910645290762371747_1645291770480 function| aidataSendEvent function| aidataRefreshEventListeners object| GoogleGcLKhOms object| google_image_requests

66 Cookies

Domain/Path Name / Value
trx.lm-invest24.site/ Name: _subid
Value: a2leh0rjl2
trx.lm-invest24.site/ Name: 818ad
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEyMzVcIjoxNjQ1MjkxNzY5fSxcImNhbXBhaWduc1wiOntcIjMwOVwiOjE2NDUyOTE3Njl9LFwidGltZVwiOjE2NDUyOTE3Njl9In0.3FiByFBGFlAo4dcZoZbptzNJNdN8VzG6pCathSY7YJI
.yandex.ru/ Name: i
Value: K09HLTy/ZYdSoIdVRDCo0PqSUPlNHy9dwJ7epgiWRwIt96OqChphw1RQlVw+fYaGoMBujJFS6m6X01EfFAwghlFHvDQ=
.tns-counter.ru/ Name: guid
Value: A6096823621128FAX1645291770
.yandex.ru/ Name: yandexuid
Value: 2961832201645291770
.finanz.ru/ Name: _ga
Value: GA1.2.1980672137.1645291771
.finanz.ru/ Name: _gid
Value: GA1.2.559121776.1645291771
ads.stickyadstv.com/ Name: UID
Value: a3b22af18cc6c1ea7f228ae19923dbf
ads.stickyadstv.com/ Name: sessionId
Value: a82f2f39e9b1b23c824310f14ffd9ec8
.finanz.ru/ Name: __utma
Value: 2796199.1980672137.1645291771.1645291771.1645291771.1
.finanz.ru/ Name: __utmc
Value: 2796199
.finanz.ru/ Name: __utmz
Value: 2796199.1645291771.1.1.utmcsr=admtax.ru|utmccn=(referral)|utmcmd=referral|utmcct=/
.finanz.ru/ Name: __utmt
Value: 1
.finanz.ru/ Name: __utmb
Value: 2796199.1.10.1645291771
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstid
Value: 0_3mnZmDXyiM7vdVeERZugIbPfi1fl0DrWyvyhuS7zZXH
.turn.com/ Name: uid
Value: 2564713738127901124
.bidswitch.net/ Name: tuuid
Value: 2b8bd5d8-eb8d-4bf1-9602-c5bc704c4b0d
.bidswitch.net/ Name: c
Value: 1645291771
.bidswitch.net/ Name: tuuid_lu
Value: 1645291771
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-374d2972-89ef-4c2f-4342-15ede55d7d4f.sjrUqezi482%2F1tKTAlmUIsdvdgOVfcpM1ymZDAkCfls
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AN00pconvTC9DQhXt5V19T7nVm6U.0tR%2BlY1D8Hw9qU6%2B12uA7DOfldn%2FlVJK5kCh8VJ9lkU
.doubleclick.net/ Name: IDE
Value: AHWqTUlZlULFE_QxkckLfby-yI-rSiHmEA8LUYx_ea3RaKidMoS6XKr6n0sDimwh4UA
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_cc695c18-5fa3-4a5f-b65a-ec3c1ea1626f
.finanz.ru/ Name: __gads
Value: ID=e135636dcedf36f1-2222a5a247cd0038:T=1645291770:S=ALNI_MZs1ZV5IQPBPHbivIAGYeK_2_zzdw
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjJiOGJkNWQ4LWViOGQtNGJmMS05NjAyLWM1YmM3MDRjNGIwZCIsImV4cGlyZXMiOjE2NDc4ODM3NzF9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2NDc4ODM3NzB9fX0=
.casalemedia.com/ Name: CMPS
Value: 3270
.casalemedia.com/ Name: CMID
Value: YhEo.ymEOrOohAr7EYs3TQAA
.adnxs.com/ Name: uuid2
Value: 2532681666582773446
.spotxchange.com/ Name: audience
Value: 7f9cc4ac-91a9-11ec-b3b6-186cd56e0306
.casalemedia.com/ Name: CMPRO
Value: 1184
.lentainform.com/ Name: muidn
Value: m1jv35db8St9
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IljIXb^3!@wnfH8K6pQK`!5=E<*L5?%M*76KM=cg`la4y!z8e5#x90Xke89O'Y[/<<bX*bpRz*qF1`*b_-]*)xxD
servicer.lentainform.com/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
www.finanz.ru/ Name: LentaInformStorage
Value: %7B%220%22%3A%7B%7D%2C%22C628816%22%3A%7B%22page%22%3A1%2C%22time%22%3A1645291772119%7D%7D
www.finanz.ru/ Name: probtnId
Value: 1645291772499-973428146
www.finanz.ru/ Name: probtnCID
Value: 1645291772499-973428146
.aidata.io/ Name: __upin
Value: b3+/hydCPhbmMJ6JdJlDJw
.aidata.io/ Name: __upints
Value: 1645291772
x01.aidata.io/ Name: gl
Value: 1
x01.aidata.io/ Name: gi
Value: 1
x01.aidata.io/ Name: livin
Value: 1
x01.aidata.io/ Name: lotame
Value: 1
x01.aidata.io/ Name: adsnpr_resync
Value: 1
x01.aidata.io/ Name: altg
Value: 1
x01.aidata.io/ Name: yaya
Value: 1
x01.aidata.io/ Name: mytarget
Value: 1
x01.aidata.io/ Name: mytarget2021
Value: 1
x01.aidata.io/ Name: wbrm
Value: 1
.finanz.ru/ Name: __upin
Value: b3+/hydCPhbmMJ6JdJlDJw
ads.stickyadstv.com/ Name: pxId
Value: 7169
.casalemedia.com/ Name: CMST
Value: YhEo+2IRKP0A
.yahoo.com/ Name: A3
Value: d=AQABBP0oEWICEBHTXWMxMTEBVws-eCToFVIFEgEBAQF6EmIbYgAAAAAA_eMAAA&S=AQAAAl-uVY3xAmOXy3EFLX8oYtI
.bidr.io/ Name: bito
Value: AAE75E7EIlIAAAQ9W6hGrw
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMRUM3
Value: 27621128fd0b40&2d621128fb2760CAESECOMI9QRc692xWxT3hGfaCU&f1621128fd05a0&49621128fd05a0&e6621128fd2760&82621128fd2760AAE75E7EIlIAAAQ9W6hGrw&2e621128fd05a0&05621128fd05a0
.finanz.ru/ Name: _gat_UA-44951833-1
Value: 1
.mail.ru/ Name: VID
Value: 0f0DnW3D12Y800000b1AH4Y8:::0-0-0-72b81bb:CAASEMSAGiMfvwfqznS0RoH6qaoaYLI6uHvkStxJnC9F_wv1FLSpYYA2hTyq7T3Uz0k5h63LoV0x1QfBn46GO3IHBg2DnE9ekvoebRv6rWe1I97b8QzQY5Jx_2txeL-ncKHONMBn-h1Y0mhsJtrBRg41Bn9lOA
.yandex.ru/ Name: yuidss
Value: 2961832201645291770
.weborama.fr/ Name: AFFICHE_W
Value: XlySE99MF1le76
.adsniper.ru/ Name: uuid3
Value: IiQ4MGQ5MmUzYS05MWE5LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.bumlam.com/ Name: suuid3
Value: IiQ4MGQ5MmUzYS05MWE5LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 8c2afa96560687c128fb859c61390de8
.adhigh.net/ Name: gi_u
Value: usS079tafQKH.AikABlF_EwggKQ
.adhigh.net/ Name: aidata_sync
Value: j58

4 Console Messages

Source Level URL
Text
javascript warning URL: https://cdn.viewst.com/probtn_concat.js
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
javascript warning URL: https://jsc.lentainform.com/f/i/finanz.ru.628816.es6.js
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
acdn.adnxs.com
ad.lkqd.net
ad.mail.ru
ad.turn.com
ad4m.at
admin.viewst.com
admtax.ru
ads.adaptv.advertising.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yahoo.com
adservice.google.com
adservice.google.de
an.yandex.ru
autocounter.lentainform.com
c.lentainform.com
cdn.jsdelivr.net
cdn.lentainform.com
cdn.viewst.com
cm.g.doubleclick.net
cm.lentainform.com
cm.p.altergeo.ru
code.createjs.com
counter.yadro.ru
cs.lkqd.net
csync.loopme.me
dfca7d0792644545ea6a70b0e0ba841a.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
images.finanzen.net
js-sec.indexww.com
jsc.lentainform.com
match.adsrvr.org
match.prod.bidr.io
mdsngpush.finanzen.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pproxy.finanz.ru
pr-bh.ybp.yahoo.com
px.adhigh.net
redirect.frontend.weborama.fr
s-img.lentainform.com
s.amazon-adsystem.com
s0.2mdn.net
script.finanz.ru
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.lentainform.com
sonata-notifications.taptapnetworks.com
ssl.google-analytics.com
ssp.adriver.ru
ssum-sec.casalemedia.com
st6-20.vk.com
stg.vidoomy.com
styles.finanz.ru
sun6-20.userapi.com
sun6-21.userapi.com
sun6-22.userapi.com
sun6-23.userapi.com
sun9-14.userapi.com
sync.adotmob.com
sync.bumlam.com
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
sync3.adsniper.ru
t.lkqd.net
top-fwz1.mail.ru
tpc.googlesyndication.com
trx.lm-invest24.site
us-u.openx.net
v.lkqd.net
vast.emxdgt.com
vidoomy-d.openx.net
vk.com
www.finanz.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
ads.adaptv.advertising.com
t.lkqd.net
tpc.googlesyndication.com
104.111.242.245
104.19.216.61
13.93.6.214
138.201.139.144
142.250.184.226
142.250.186.98
146.20.128.61
146.20.132.155
146.20.132.188
151.101.193.108
151.139.128.11
163.171.132.119
172.217.16.130
184.31.84.150
185.183.112.155
185.94.180.125
193.232.150.70
2.16.186.242
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::11
2001:6d0:4001::226
209.54.177.54
217.69.133.145
23.88.75.189
2606:4700:20::ac43:4a81
2606:4700::6810:5614
2a00:1148:db00::17
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a00:f940:2:2:1:1:0:159
2a02:6b8:20::215
2a02:6b8::90
2a02:6b8:a::a
2a03:5f80:a::b212:e78b
2a05:d018:d29:3602:c696:f562:c9de:84f6
3.120.167.174
3.129.250.65
3.70.16.12
31.172.81.159
31.172.81.172
34.89.138.129
34.98.64.218
35.190.16.14
35.201.89.161
35.211.178.172
37.252.173.27
37.252.173.62
51.105.96.162
52.200.181.105
52.223.40.198
52.30.140.199
52.58.61.12
54.154.165.196
54.237.114.40
66.155.71.149
81.222.128.216
87.240.185.141
87.240.190.67
88.212.201.216
89.108.119.43
91.90.193.30
95.142.206.0
95.142.206.1
95.142.206.2
95.142.206.3
99.83.189.147
00d2f6cdc8935a366367038ae0c41970fb8179484bd7826fee8889adde33d887
017faa0a1ddf02c29fa1228c6b24b3eeebd6afe32ceb3817eb37510a67e9cc06
043452cc6b216e27ed364044a4182af0b811417b67608d69baaf5f3673082aa7
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
074fb3ae62fde02a6b14264f250b4e13c693d8f56160bf5fdfe69d008f3e2ed4
0796a6a94a7121e7f45108cb49731864d524282696bfa99f24e33e53ecdc897d
07a42ddfd6e49119fb9f67c0cb6160017a33f7598fcd862c21421a65fc26c998
0a4f5357906d8df0b12e121bc023e7dbef464e34189d425afab4db99731c3998
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bee62ea2660061e7a2ec5122528d43c19a26dd04116b1d88a9b7871e1c8545f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
0f18feecc96cbf6598d1fb0660ca46a417d41f84cb5512ee647b27f318297ee7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13903e0eeb3f0ed9bd090d9564f6e7d516f48b09060a7db741e31dd2e7b8e79b
1658a184caa35443e438f5a0cdc70888a83bcf72c98dcda9941435a9a70ce58d
16a5662a0871872aa0857c9daa3dd36b3d05727eb207e0f09cad5f143ed31b1d
16c174b04a9b32a55c5ae3d2674f23323910c07c4ce4e171f55efb10c8270a51
16dea90065380f3ad22a4efdba817219c7d1ff9124e28edfd3711fac3542f288
182f9453e59f6310a801cc6d64e80355edcbafb61c2aa211a80987d892f38cce
187609863b0ad6ebddbb827bcb34cac1bfa0fa4145885b86b5452fa8b2cc624b
1c0486f3cdbb2f1605ec8fb8c86efd231da9562f93efcdd7d71a962bbc907666
1c7d27d48825d75ae0cea399a848db8f299760cd16b75a9a1d49998adac675a2
1f794dd11cdd04a590ce9470b623bada6817aabaf2cb4bb81817394e17567c66
210f052e4e1a4cee8180ccf1c3a6d4b2e8b3789daa3eeab45bcd1476ab9df93a
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
2387cca4cd7aecc15eba4b085a621e979e6b20b465462f66e6f85b6a59b62979
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c0eac30b52289d8ab5fbd3c3da3d1028f01299fe357d7e6cd5e73feec69cfd
26e56f3d7095d918d7f937a3923d7a2fd186feb5aca8e00825ac1f882f6d6b8d
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2b49b979ff7793e860d174c660cf8228782672e7e5961002e6cde8a8f61208f1
2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe
2b86791b4bc5469817735d814f73f5b52cdc6078c60befd4c6cbe27c68b40027
2cb6a5ea1b2036497b91f9d22b5a115df1c546c58bd082f2ba0da8a01965b9e6
2d90af048823b96421e2acdc2ccf0ee74632fa37527d91a49c0020c6a9122c16
2deebfb38acf8313b74dd2bad4d0d6469b16e5394744eb2cacb07e7671684ee5
304c53767296b186c5840c0f722928420436e7047682c5dbd518e7bf43614577
31dbfef504dc0db26ad3e595a54a50ee0092e1b977a97ba2d31b49d04d8737f1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33c22d62b4d9b60d8ac8b010f4e19da452eb17484e66c581c5f4184dd8152d90
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
360be99c0fe15c24b6f4f38c6ae21131ef098edc47e80a0ba701df88f45fe4d2
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36ce34492a86ef23a4807d9b19e65937e732cbee1601c15984ffd1884e5ee488
380cb8850744061af6a79db9bbe32db458df01d445f3737d26c258d5b538a3ef
394361a8136dbe1f5de8cf97960d158576a9a7c9f9cb49f63e43c3a8c7e28170
39871ab6ccf3f77ea017b7662f4143a4608ff335424b78249d8a04c6f16e4d0d
3a66954beb210a9de1c90927f5a08035b442cd6c510f72cc9838628a198845f5
3b2451a09cb1749e2f119729356a252db89fe2960af805afdc90c6091abe2a26
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d89fc5555283d632140c8c0877b1b8d6b7f865e18a83fce0de1204dc6d6e879
3ed568fb0c63c892fbb0d1b12c85d23b893cf45c24700e6c8d4114161f844178
409e352c9c9db3dde59ea63de66b44133269b309497459d01162ae0cf49d6a37
411b86125bd6f4812cf51bc057968444575578869faef2ff4e5be44699cbf69f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47e20fbe6a0b59d0f096a20a7e42e3f143494dc399426255e4c9743af9afed8f
4846a37eef8adcdeb0b63f60409461f3bfe9b25bc5540bc6f4be5cb6c87b2051
4865999306e03fabaac46750655bd7583d265c8bb87626586ecbc698af0bf4a9
48782e40a118e879c461cda8345768ca277421d4a1c65c972e43c28d8e8f0965
4878d2177fb9d449577d37c12f6d7d56649cbbd078c79ac6adda69082a7bc258
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9a43debbaf8612b5b45d027ee24ccf4ee6573631ea7af355afafab0ca756ca
4c51aecce8f16aebf4ffdfe94cf93493d17c1918612f452703215830c521e872
4da9b59ddae6b4e84277ad466cd3106ceeca45389029cd77eab1a4e8a05fae40
4df4769895b97dc6e4da551cd5f517c3c9a328e2416dff66a25197c0d738b22d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e38cf644ddf1d97ee0573a10cef3580b8d4e477aeb94b2bc1fcb9df17f4545a
4e5c50e4d230938abc0794f2eb8f42a3d98c873a0deedb9e5481d90e730b806e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
541a15cc5cbadf9ddbc45e75b208991546436190f25426fa01f36a86a7d0dce3
546b0542c3e2411df4ab29071185ebeecd712c1d08af98c45878934a7faaeb6f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b6c3e9c80b0da110e434ac42b51d3fccbc449e8a4aa9e9fd1cd951407c1c41
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63eee1dec3fcaafb919b3645a40408bc99eccaecb50b8e538d3cbfc1ac9d29c6
655f9821bbe131e0edf35701ec0cdd58d80411746b9711b0383a78d4c5d0015f
659893685f9da64e126a723df6a2bbfc76a1560db1712470cef4b1cef51a34ad
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
693d7208dff9c33a6f3d7a4ea8ec4cf9aed02a151c4bc42d28e2bad64047072d
6b6809969903ad388e834d310edd45c15057cec3da1fd76858dcbd5ec37ec48c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c5e2d555e6c12ec4eef9fca06731e2b19a807b82b8895dc8e6c2347bae04cd1
6c6f36a7bb0fb38cb4cfa347a369bf96badd10548ce7d6b38f0542fd65a6362e
71e5baae4f23e9cfc6c990975135d6f9b6923694d1cebc1010ea96c1f4221963
7299e3cd2ddc4fa58e59c4c908a4a81ab0a4de0b1394b4db698a2ca232a8845f
73a76abeaf3c9aae4420aeda38d3dffdadd4cb215f182ee038f5fe61ad3ce34b
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7be70ecb2ea4f1028c3359d2ed6fa5cb103323c007e8d1e6d6ed770f39604f34
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e825719fe4658ea0dc5dbf15d7740e5555cd71817698d5d1ea454b088b796d1
7ee56283f1ad3e9c375331ef4ac9b66d299457b2aef1470aa4610fde5b6ad987
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
810d39b52c8f925b2d881e74467cdf21a6d976f52b5fdd69c56e17a297a620d8
823b213da59b08d21ad80d9f280bb7eeb5e66e64886b53615b554de02eb60126
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835cccf26642c7ab3c0580c54fce3119aafa567203d1b6065221b7b7f3cb9928
84a2b14ae123952f243eceba58a315af3a7e54940c98a0f34a17dd95b8a0a52e
8b042290d0a85cac96c5291284ba62d77b497674ee8f0584fbfe3337ae867a38
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e62eccd2953d760cfafdffb51bc0ecc851389fec24ec8c97c0ca4a730715442
8ec7b752c94812cd0832332586bed67d6dd4d4478abee9ef59e96f7d18c8e433
92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc
975870a576905cac3784587d8ac1ec7cdd44469e7a6c20240b7fb32b56543008
9dcd9a6520acccfb7c2cb034d938e403e202e93809f8afbc38f01c9c0acdf14c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a10070dcdc2c4bbf3e493359f22ba7751e15a354a68b14b5cc59ca0ba07e8d69
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a49375a818c34a92996dda920044a1ee7ac34b25dc0340c2a2fe9961adb65b63
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
a5dd008b5129808beb15a631c8e46c805ab017966f87dc5779c023258da27b2e
a5fa5dda512e9d1cb0958323b5574d864cbc2ab181dd42c39b872ad03baca44c
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
a9a2faee8f8f71288e1319a29eb680601e2a0549b9127cb506c0b163a3856855
a9ed1ac4667a2f98cf11c12ef7d8f4f2a501f77832c08507faca1820819a47f5
aa7031e6294b34d9207f27d4ae97d11251c5250008b2031c12057fa1aad16113
acbbfc9477aaa4e1320740d3a486176e060b15eef8c499ca413c94aeb5f3a56d
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af86d1842ee9f04e69eb78eb3fb1866e2a783a69084e3192ff712733497157c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b76f1136c7df32cec4e76bbbdf9f125a6c3e256e3afd0f30bf6a8eaca3b0b782
b7de12cd53da0d476d3d9624e2df1d39015b73d5313ac8b9d8ba1835868e975b
b9b03ff56303978a39256736c6331757485c83fb86cacfb99742fe6e8ffe36a7
ba736b8d9ff6dec089382fbc9365cbecaf6d85a7ed89a3a50beca05c05f87b94
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
bcd7ff8390c5c4e6ffd89e1b9e374f1dc7ba16c035bcfbe65a11f0e3ea4e2c55
bf138fff0a89c4b3f08e51deb1b4fab971c13f951b7e7831a31441f15997ddce
bfadce9faa36a990f2bb7a2e366faccade9cad25c4663f65f634a91ef105a2df
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c259b881b1a950ab28b9ade37d4a4abe471cbbec75ccfbe2514a0cd7da012925
c8fef3101aeec270fdce6e4dd92c677c38746ad1642c5ef312460d5d705d2c28
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
cb1115abd2b3ba331f65696e403e1a18a0227ed20e13a444b6c581099ad8e59a
cc494bf4181bd97c5f56b9bdb0efb0d6ba4722a78cd947d51a2753adbabecbe7
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
cef0f2c5d6083d5873068b66fce8628d75435ca2aa6688a0fcae9087f81fe79a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d299027d1343bdfe14159bb1d6486ec433badbcae64f984c9730376f30090eb7
d2fc555789e6d029dd42a50a1e9ff8b9b8245ecc35c733e20683c4048034cb64
d3b9019a25f806052d3397cebe09a9bfcba56f5f00834c47a6ef2d23e86f2d24
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d4fb8a73ced6638ac24002743ba4cd6d3fab20148c591c75e0a9c15a2c43f6e5
d5579c2f7f8af03534d414d13cd3577d74432c3d1ef01d6eab56e99ac90f506d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9fb16b39aea69dda9cb40f26a720b6a1952d930bea8729cdc1d0291deb1f43b
dc0aae3cff21edb8879f2301f6d0fdf11fc49e960305874b1270fb5fc9f79eed
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9c102be54a21fc534271c42ff116be61325240fac9649023cc6adf41d8e72
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
e7dad9a2ea733e9aba7d4f6cf327fd2b155841ca20beebcb2f69f4940d12432c
ea74349345ba0691ce475147bd8865661068a07315d48026f239af5e04282e56
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe06ae912f7fd25827242d2993d88061d82a715badec8f9a5dc8d08744ac5f9
f08b26627b721453cd24092215ede05379373acb01198db79b8e124d9f1be1c8
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f1f7b19ecf8aa16bc822d7d863838c614f9c8ead9446969f757ddd0a6d357dd7
f4775ac96f4c276cc822fa183b4b7fdac23da1d32c4d4ab8e7cf7fce5f683cba
f5d3a91d9133f12a3710808474051a1773369b563cacc8b5550fdb773a811da0
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
fa85cfb532131b8673cb3f271e765eabd7e3fc60fc3e0f82a5b01b78d45f96d7
fae32bd2cfb6dbe394c30ac74a1b2a7887cd80b2a0ba63f91dc6e956e8c62363
fb35c79834db896d432df27e3013ae05b2e6607385b921ed40203962d5555a5f
fba3cab31898d7317cf09120bc47105969f29d1700f8c29c9ee207c01b2dd959
fc30f69f8f9d362ee3427f8bba67d2c26443a0e39c28126b14f7036f25371f33
fe7ab1b60986d6942e5715194db421a520b9c2bfaf5af223be5a7c250b80e5c7
ffb7e451a07969a82613bc3afc74ea3c720c04453d4c71eefcb4f80c700e2404