investtorg.ru Open in urlscan Pro
91.189.114.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://investtorg.ru/
Effective URL:
https://investtorg.ru/
Submission: On March 09 via api (March 9th 2023, 4:03:16 am UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 45 IPs in 10 countries across 42 domains to perform 113 HTTP transactions. The main IP is 91.189.114.18, located in Russian Federation and belongs to RU-CENTER, RU. The main domain is investtorg.ru.
TLS certificate: Issued by R3 on February 21st 2023. Valid for: 3 months.

This is the only time investtorg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	91.189.114.18 91.189.114.18	48287 (RU-CENTER) (RU-CENTER)
1	2a00:1450:400... 2a00:1450:400d:80c::2008	15169 (GOOGLE) (GOOGLE)
2	87.240.132.72 87.240.132.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 13	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
25	92.118.67.2 92.118.67.2	49031 (CALLTOUCH-AS) (CALLTOUCH-AS)
10	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2	2606:4700:303... 2606:4700:3036::6815:38ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:805::200e	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:303... 2606:4700:3037::ac43:89b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:402... 2a00:1450:4025:402::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	18.196.177.146 18.196.177.146	16509 (AMAZON-02) (AMAZON-02)
2 2	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.193.246.45 18.193.246.45	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.48.213.254 52.48.213.254	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	52.58.252.202 52.58.252.202	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.58.131.235 52.58.131.235	16509 (AMAZON-02) (AMAZON-02)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4232:859f:deb5:f2bd:dfa1	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	104.96.129.75 104.96.129.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.209.66.62 52.209.66.62	16509 (AMAZON-02) (AMAZON-02)
1	99.81.95.207 99.81.95.207	16509 (AMAZON-02) (AMAZON-02)
1	18.188.81.199 18.188.81.199	16509 (AMAZON-02) (AMAZON-02)
113	45

26 91.189.114.18 (Russian Federation) 1 redirects

ASN48287 (RU-CENTER, RU)
PTR: wcarp.hosting.nic.ru

investtorg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.132.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 92.118.67.2 (Russian Federation)

ASN49031 (CALLTOUCH-AS, RU)
PTR: ct-mod-front01.calltouch.net

mod.calltouch.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:38ea (United States)

ASN13335 (CLOUDFLARENET, US)

widget.iflat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:89b0 (United States)

ASN13335 (CLOUDFLARENET, US)

iflat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

793ccb0eb3a74fa7a5b0e5211e8ca917.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.177.146 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-177-146.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.246.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-246-45.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.213.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-213-254.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.252.202 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-252-202.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.131.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-131-235.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:859f:deb5:f2bd:dfa1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.129.75 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-129-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.66.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-66-62.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.95.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-95-207.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.188.81.199 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-81-199.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	investtorg.ru 1 redirects investtorg.ru	392 KB
25	calltouch.ru mod.calltouch.ru — Cisco Umbrella Rank: 160014	375 KB
11	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10426 ad.mail.ru — Cisco Umbrella Rank: 9726	23 KB
10	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9434	3 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2724 sslwidget.criteo.com — Cisco Umbrella Rank: 1763 dis.criteo.com — Cisco Umbrella Rank: 666	13 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 208 secure.adnxs.com — Cisco Umbrella Rank: 380	4 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	1 KB
3	iflat.io widget.iflat.io iflat.io	4 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3716	73 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 647	853 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1360	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 271	507 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	879 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	20 KB
2	vk.com vk.com — Cisco Umbrella Rank: 6194	24 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1686	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 570	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2226	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4366	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 26992	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2310	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 659	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 694	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1351	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2585	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 401	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 743	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1296	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 341	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1899	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1263	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 575	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 500	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 316	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 587	979 B
1	google.de www.google.de — Cisco Umbrella Rank: 6027	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	mts.ru tech.rtb.mts.ru — Cisco Umbrella Rank: 46557	763 B
1	beeline.ru 1 redirects 793ccb0eb3a74fa7a5b0e5211e8ca917.ops.beeline.ru — Cisco Umbrella Rank: 748007	466 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 626	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	44 KB
113	42

	Domain	Requested by
26	investtorg.ru	1 redirects investtorg.ru
25	mod.calltouch.ru	investtorg.ru mod.calltouch.ru
10	mc.yandex.com	3 redirects investtorg.ru mc.yandex.ru
10	top-fwz1.mail.ru	investtorg.ru
5	gum.criteo.com	4 redirects static.criteo.net
3	mc.yandex.ru	2 redirects investtorg.ru
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	widget.iflat.io	investtorg.ru widget.iflat.io
2	vk.com	investtorg.ru
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	www.google.de	investtorg.ru
1	www.google.com	investtorg.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	sslwidget.criteo.com	static.criteo.net
1	tech.rtb.mts.ru	investtorg.ru
1	793ccb0eb3a74fa7a5b0e5211e8ca917.ops.beeline.ru	1 redirects
1	ad.mail.ru	investtorg.ru
1	iflat.io	widget.iflat.io
1	mug.criteo.com	investtorg.ru
1	static.criteo.net	investtorg.ru
1	www.googletagmanager.com	investtorg.ru
113	49

This site contains links to these domains. Also see Links.

Domain
spb.hh.ru
vk.com
www.youtube.com
t.me
xn--80az8a.xn--d1aqf.xn--p1ai
m18.ru

Subject Issuer	Validity	Valid
investtorg.ru R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.calltouch.ru GlobalSign RSA OV SSL CA 2018	`2023-01-24` - `2024-02-25`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.rtb.mts.ru GlobalSign RSA OV SSL CA 2018	`2023-01-10` - `2024-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh

This page contains 4 frames:

Primary Page: https://investtorg.ru/
Frame ID: 6871951F78BFAB2BB2D3A55522D56CA8
Requests: 67 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=investtorg.ru&origin=onetag
Frame ID: F655FB64168730C75CD436F6B1E03611
Requests: 2 HTTP requests in this frame

Frame: https://mod.calltouch.ru/front/widget.js?version=97308743
Frame ID: D0F01A37BD31C4D7EA0333662EF9AD2C
Requests: 12 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e9Wi5PJPKGsiw9N4Olt5qk6Ky1CFiIp7LchSYw&expires=30
Frame ID: DA08C076869940BC60D4026A90C33BA3
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Инвестторг

Page URL History Show full URLs

http://investtorg.ru/ HTTP 301
https://investtorg.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

113
Requests

87 %
HTTPS

25 %
IPv6

42
Domains

49
Subdomains

45
IPs

10
Countries

994 kB
Transfer

2992 kB
Size

68
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://spb.hh.ru/employer/264606?hhtmFrom=vacancy
Title: Вакансии

Search URL Search Domain Scan URL

URL: https://vk.com/investtorgspb
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCjHc2X7FMrmBTstF_xovI1g
Title: YouTube

Search URL Search Domain Scan URL

URL: https://t.me/+P8YBCJj4cUY3ZWRi

Search URL Search Domain Scan URL

URL: https://xn--80az8a.xn--d1aqf.xn--p1ai/
Title: https://наш.дом.рф

Search URL Search Domain Scan URL

URL: http://m18.ru/
Title: M18

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://investtorg.ru/ HTTP 301
https://investtorg.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://gum.criteo.com/sid/json?origin=onetag&domain=investtorg.ru&sn=ChromeSyncframe&so=0&topUrl=investtorg.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ElGG63xXdWc4SGNCeU9CMkh0emFLQ2ZQbGJLWDhTLzlYcVJNVkRlUVc5NS9mUEJOY3BCVHJTMHFheU1Za0NZbkJ6Wm0ydGJYYWgzS2Zyd1ZzU1RQZTFnRS9VTm1xUjYxeTlLeXJXa2RmN3hpVDFpYkZsbnIxZURBWUVNT2JwL1hPTlhLeVdCNVRIWVhSVjZtZ1d1Q3R3bXFpcjJ0Qkw4QktuRzNyNzVzMWhpZlNJMmxIWmRvNDI0RVFzUTlnUStlNGtTVTBMOHYzK3FER1dKV3ZtclczY1Y3R280R3ByeW5QRDByK0s0YjZVU1d3QTlmRFpnVzZxdXpORlV6YnJIcEdRaWRpT2ZoWEs0V2pkZ0tTbWhJSmlkejhVZz09fA&cppv=2

Request Chain 45

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9936.cfdg9n0FUONsl7yFLwTQmIDSGVU-aWhNQnCJZYIhf0_hmvArJIYRPa_ZJhOBtqV6.PtDVDeKPNfOZqrDHbPR2yhyjqAs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9936.tnPljFC3ZgDGR3iiCBxat4LAGMz-ZLuTXIHSLCnaivvNoHljE5GtCgeQjhkeRuUNzCRXOX5DhqVLY5lTxqLu3bcMrXHWrKaq3J4XFqoNtJk%2C.cUXlUD8G8tUDG_1rPAPWgtnnOXY%2C

Request Chain 52

https://793ccb0eb3a74fa7a5b0e5211e8ca917.ops.beeline.ru/?id=71454638t2967328528&siteId=10465&sessionId=2967328528 HTTP 307
https://mod.calltouch.ru/beelineAID.php?id=71454638t2967328528&siteId=10465&sessionId=2967328528&beeaid=6d4f1cd3-83a1-4385-9a21-9f1d38cefe20

Request Chain 59

https://mc.yandex.com/watch/78777663?wmode=7&page-url=https%3A%2F%2Finvesttorg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1105154318867%3Ahid%3A6890435%3Az%3A0%3Ai%3A20230309040309%3Aet%3A1678334590%3Ac%3A1%3Arn%3A169393857%3Arqn%3A1%3Au%3A1678334590437383718%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C159%2C279%2C87%2C369%2C0%2C%2C351%2C0%2C%2C%2C%2C1247%3Aco%3A0%3Acpf%3A1%3Ans%3A1678334587704%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678334590%3At%3A%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/78777663/1?wmode=7&page-url=https%3A%2F%2Finvesttorg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1105154318867%3Ahid%3A6890435%3Az%3A0%3Ai%3A20230309040309%3Aet%3A1678334590%3Ac%3A1%3Arn%3A169393857%3Arqn%3A1%3Au%3A1678334590437383718%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C159%2C279%2C87%2C369%2C0%2C%2C351%2C0%2C%2C%2C%2C1247%3Aco%3A0%3Acpf%3A1%3Ans%3A1678334587704%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678334590%3At%3A%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 62

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9936.OqMEnyVKrAzyzedHb1kD73wRdf5QMwl8Sr2Ro3TKI_Dqoi53PLApdnnYSzCgOFEZ.rutOwKPdLXF1NoPZVc1y8HEDVmg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9936.ODff7kfhhQa3yqzDDNbCbVS--fB3GC6urhGllen4HkJwy2hzu_HzQUL7jhnkB5TCtZ0LU2QFyYdcuFXzTUmXe5lh6qMJd_lDQ9FvYFScAjY%2C.DS_s_7P6mwpu3WQAB7dO9wcM17s%2C

Request Chain 67

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-e9Wi5PJPKGsiw9N4Olt5qk6Ky1CFiIp7LchSYw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e9Wi5PJPKGsiw9N4Olt5qk6Ky1CFiIp7LchSYw&expires=30

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_cm&google_hm=ay1NNE5wQ2ZKUEtHc2l3OU40T2x0NXFrNkt5MUNkSThESmUwZjRpdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_cm=&google_hm=ay1NNE5wQ2ZKUEtHc2l3OU40T2x0NXFrNkt5MUNkSThESmUwZjRpdw&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_gid=CAESEH-QlBLmSZwOX0FTnPHSx2s&google_cver=1&google_ula=913071,0

Request Chain 69

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5696649827099633135

Request Chain 70

https://secure.adnxs.com/setuid?entity=52&code=k-9zGW0fJPKGsiw9N4Olt5qk6Ky1C5DN9_owwo6A HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-9zGW0fJPKGsiw9N4Olt5qk6Ky1C5DN9_owwo6A

Request Chain 78

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4dRx1_JPKGsiw9N4Olt5qk6Ky1DiHqq5r3e4hw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4dRx1_JPKGsiw9N4Olt5qk6Ky1DiHqq5r3e4hw&verify=true

Request Chain 81

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rCwD_PJPKGsiw9N4Olt5qk6Ky1CCU_omiViu5Q HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rCwD_PJPKGsiw9N4Olt5qk6Ky1CCU_omiViu5Q&C=1

Request Chain 82

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ckUOrMR4Fq_X2MNdpBMhQiHNrdtO9zz- HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ckUOrMR4Fq_X2MNdpBMhQiHNrdtO9zz-

Request Chain 84

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ghpU0vJPKGsiw9N4Olt5qk6Ky1BDumMzh11i8A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ghpU0vJPKGsiw9N4Olt5qk6Ky1BDumMzh11i8A

Request Chain 97

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=fAnNBTWHGxLsQr2daUByRch5f2g858Va

Request Chain 102

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ITtxbtdSaTnyId52NbDUWsCtY18eHm5c

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
investtorg.ru/
Redirect Chain

http://investtorg.ru/
https://investtorg.ru/

108 KB
17 KB

439ms
279ms

Document
text/html

91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty / PHP/7.2.34
Resource Hash: d44303c75879586a655d74d158e5a96eb8ec8dc58786734f9e7251367a519685

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=31536000, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 04:03:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: openresty
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

Redirect headers

Connection: keep-alive
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 09 Mar 2023 04:03:08 GMT
Location: https://investtorg.ru/
Server: openresty

GET
H2 200 simplbar.css
investtorg.ru/styles/ 4 KB
1 KB 85ms
84ms Stylesheet
text/css 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/styles/simplbar.css
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 699135d5efe9f988cb4dac1f37fbf7d938bd80f5d0969ffafb10ec5314e953f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 07:49:24 GMT
server: openresty
etag: W/"63cf8d84-f31"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 common.css
investtorg.ru/styles/ 449 KB
56 KB 242ms
241ms Stylesheet
text/css 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/styles/common.css?1676291405
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 80155ec50e9a619cfca9405b46720fc7175a25119edabbbe539928714e5ed2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 12:30:05 GMT
server: openresty
etag: W/"63ea2d4d-70586"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 golos-text-regular.woff2
investtorg.ru/styles/fonts/ 28 KB
28 KB 140ms
139ms Font
font/woff2 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/styles/fonts/golos-text-regular.woff2
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 7a3b6c8c1bd576df428e4825484b297245726cb014b78a14df032facc8aa8b41

Request headers

Referer: https://investtorg.ru/
Origin: https://investtorg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Mon, 20 Feb 2023 11:25:57 GMT
server: openresty
etag: "7090-5f51fed445971"
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 28816

GET
H2 200 golos-text-medium.woff2
investtorg.ru/styles/fonts/ 29 KB
29 KB 139ms
139ms Font
font/woff2 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/styles/fonts/golos-text-medium.woff2
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 4fde8058613c647246079d338befa7b86d4e3a0c67668cd47c63b9dac9ab4609

Request headers

Referer: https://investtorg.ru/
Origin: https://investtorg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Mon, 20 Feb 2023 11:25:57 GMT
server: openresty
etag: "729c-5f51fed4449d1"
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 29340

GET
H2 200 golos-text-demibold.woff2
investtorg.ru/styles/fonts/ 29 KB
29 KB 140ms
139ms Font
font/woff2 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/styles/fonts/golos-text-demibold.woff2
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 9c4e864630bc3d60d977502e3dbad2cd072dd5a2344aa55f0121391811246277

Request headers

Referer: https://investtorg.ru/
Origin: https://investtorg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Mon, 20 Feb 2023 11:25:57 GMT
server: openresty
etag: "72ac-5f51fed43fbb1"
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 29356

GET
H2 200 logo3.svg
investtorg.ru/content/logo/ 14 KB
5 KB 80ms
80ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/content/logo/logo3.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 1e8826549c5bd25323463d98fecad2cd80c0e0680af79932e56659c7df7d2d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 12:42:42 GMT
server: openresty
etag: W/"63da5e42-3837"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 common.js Show response
investtorg.ru/js/ 376 KB
106 KB 82ms
82ms Script
application/javascript 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/js/common.js?1676291414
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 7b86f73395b0c89d90a6724a84c5f914858bc86f517584ca7a4929016c21298e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 12:30:14 GMT
server: openresty
etag: W/"63ea2d56-5e0c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 207ms
79ms Script
application/javascript 2a00:1450:400d:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-114743022-6

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92d761dba0a5726ae8adcb89f91001b95a8d6593903a5d0c8476be42fca13938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44813
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 04:03:08 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 241ms
76ms Script
application/x-javascript 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv72-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: br
x-frontend: front220207
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
server: kittenx
etag: "6389a5e0-5b16"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23318
expires: Mon, 13 Mar 2023 04:03:09 GMT

GET
H2 200 chat.svg
investtorg.ru/styles/images/icons/ 495 B
686 B 78ms
77ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/icons/chat.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: e6050bb75c68f005ae1009d42b4c52467039779e38d1cda1fa1bae408b5f7fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Tue, 15 Jun 2021 07:57:20 GMT
server: openresty
etag: "60c85d60-1ef"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 495
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 account.svg
investtorg.ru/styles/images/icons/ 261 B
452 B 78ms
78ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/icons/account.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 3c940f0c5a6dfa8f97f9728e2c764feb598cb38269e0be4ca1a714d4a90da6e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Tue, 15 Jun 2021 07:57:20 GMT
server: openresty
etag: "60c85d60-105"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 261
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 favourites.svg
investtorg.ru/styles/images/icons/ 453 B
644 B 79ms
78ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/icons/favourites.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: a699057b1cb03036eb50b71175336cb26347509077d98c6170831ac6de7f9ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Tue, 08 Jun 2021 15:47:35 GMT
server: openresty
etag: "60bf9117-1c5"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 453
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 label.svg
investtorg.ru/styles/images/backgrounds/ 1 KB
697 B 78ms
77ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/backgrounds/label.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: fc78f989aea7e6e4f70e91ab388c78cf4abb231037accb2863fef96cd6a4e701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 15:47:26 GMT
server: openresty
etag: W/"60bf910e-4d9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 commercial.svg
investtorg.ru/styles/images/backgrounds/ 1 KB
726 B 78ms
77ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/backgrounds/commercial.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: e14384011452fd2ee8070db065bf6cbffd266ab5305a6896b1c88b1a6209514a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 15:47:26 GMT
server: openresty
etag: W/"60bf910e-508"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 parking.svg
investtorg.ru/styles/images/backgrounds/ 1 KB
1021 B 79ms
78ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/backgrounds/parking.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 62c795ff5e28ef08ad705af3509318cbf82a0abec36222ce43499a863d697783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 15:47:26 GMT
server: openresty
etag: W/"60bf910e-5eb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 realized.svg
investtorg.ru/styles/images/backgrounds/ 367 B
559 B 78ms
78ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/backgrounds/realized.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: ba1c9089ea6c61708dc40c9426a518035ebee919b3c3abd464131d21228974d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Mon, 28 Nov 2022 15:16:46 GMT
server: openresty
etag: "6384d0de-16f"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 367
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 vk.svg
investtorg.ru/styles/images/social/ 1 KB
849 B 79ms
78ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/social/vk.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: ee9d6cb030a1d434132bbe97942d6a13e0c9d2496c0ed217032076bb0b3282a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 15:47:26 GMT
server: openresty
etag: W/"60bf910e-4b0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 youtube.svg
investtorg.ru/styles/images/social/ 461 B
652 B 97ms
97ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/social/youtube.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: e7e8f4d24fbabd8bfb4b5eb616dc1a79068f6f438c1f0a11c0d99a479eb28185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Tue, 08 Jun 2021 15:47:26 GMT
server: openresty
etag: "60bf910e-1cd"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 461
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 telegram.svg
investtorg.ru/styles/images/social/ 535 B
726 B 98ms
97ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/social/telegram.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: ff58390f9b912882769aca25881f2ad96f67a8435413cd41942731ee45df43bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Wed, 16 Mar 2022 09:47:52 GMT
server: openresty
etag: "6231b248-217"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 535
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 44 KB
15 KB 150ms
49ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/js/common.js?1676291414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d03b2a573e13c69a70a4efb22ca78f769ff96692861433bc7fd967e3907f4bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Mar 2023 15:05:20 GMT
server: nginx
etag: W/"640752b0-ae53"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 04:03:09 GMT

GET
H2 200 cross.svg
investtorg.ru/styles/images/ 326 B
517 B 78ms
78ms Image
image/svg+xml 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/styles/images/cross.svg
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/styles/common.css?1676291405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 09ae5c716f18d01029f9dfd6a690c8a1890dc71d850bfc3e2a6b7063c9112d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/styles/common.css?1676291405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Tue, 28 Dec 2021 12:31:15 GMT
server: openresty
etag: "61cb0393-146"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 326
expires: Fri, 08 Mar 2024 04:03:08 GMT

POST
H2 200 / Show response
investtorg.ru/ 670 B
899 B 105ms
105ms Fetch
application/json 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://investtorg.ru/?type=param&ajax_component=18
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/js/common.js?1676291414
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty / PHP/7.2.34
Resource Hash: 121c007dd54dfc15656643c62e01dba86b884f9d64df6e10640da57bd1c5b0df

Request headers

Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:08 GMT
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Mar 2023 04:03:08GMT
server: openresty
x-powered-by: PHP/7.2.34
content-type: application/json
cache-control: max-age=31536000, public
content-length: 670
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dji_0093.webp
investtorg.ru/content/complexes/image/m_webp/ 20 KB
20 KB 82ms
80ms Image
image/webp 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/content/complexes/image/m_webp/dji_0093.webp
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: f2fe04a83a9639baadd5f86834a4474465531f1d065756694f33377268f9d75b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Tue, 12 Jul 2022 14:44:00 GMT
server: openresty
etag: "62cd88b0-4ee0"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20192
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 dji_0105.webp
investtorg.ru/content/complexes/image/m_webp/ 32 KB
32 KB 83ms
81ms Image
image/webp 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/content/complexes/image/m_webp/dji_0105.webp
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: a167b41ee96d6ce75cfcf33e64425304d306a4ad9bf2a5217a12dac3ce64a781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Thu, 20 Oct 2022 09:05:10 GMT
server: openresty
etag: "63510f46-7f24"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32548
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 dsc_1655.webp
investtorg.ru/content/complexes/image/m_webp/ 33 KB
33 KB 82ms
80ms Image
image/webp 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/content/complexes/image/m_webp/dsc_1655.webp
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 661beb7f3423f3ba0cd8da149ff2b140f6869b18c3314d33180fdb84112cd80a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Thu, 17 Mar 2022 13:07:17 GMT
server: openresty
etag: "62333285-82b4"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33460
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 arrangement-spring-flowers-with-copy-space_1.webp
investtorg.ru/content/slideshow_index/xl_webp/ 14 KB
14 KB 84ms
83ms Image
image/webp 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/content/slideshow_index/xl_webp/arrangement-spring-flowers-with-copy-space_1.webp
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: a38cbe8677da937df6f18f49f816b31af88f0beea1fad8c27a8e7670c5ec78fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:08 GMT
last-modified: Wed, 01 Mar 2023 07:40:37 GMT
server: openresty
etag: "63ff0175-381a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14362
expires: Fri, 08 Mar 2024 04:03:08 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 404ms
156ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Thu, 09 Mar 2023 05:03:09 GMT

GET
H2 200 init.js Show response
mod.calltouch.ru/ 71 KB
24 KB 337ms
140ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/init.js?id=71454638
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 6fcead10ecddc70e25a6f74d2848355d6e1f0f488cb48d44b3b90c0ee96fe55f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:09 GMT
server: nginx
etag: W/"640755f8-11abb"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 33 KB
15 KB 431ms
174ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"63beb9d2-85cc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 09 Mar 2023 05:03:09 GMT

GET
H2 200 widget_loader.js Show response
widget.iflat.io/static/js/ 6 KB
3 KB 347ms
96ms Script
application/javascript 2606:4700:3036::6815:38ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.iflat.io/static/js/widget_loader.js
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e2b1252024663cdbe8df4bc8996a239c2c8de16674fc58933ebe87f6cc795ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 21 Feb 2023 11:47:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f4af47-168b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aKd%2F2ysNmFrVVmsKqyAS2BYgVyWzVsxB0GYTzp%2F29qNC2XwPYCoBsw85%2BrkWw%2BB1PpBJyGIFkPlUYzO5WC314bGIe0pjwQ2IsIqofbghGYmR%2FKsaYO2szX%2FmCQy9u07MfYSfosUg%2F3MRxWwuhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=60, no-store, no-cache
cf-ray: 7a506d2e9c239a41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 04:04:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 186ms
52ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-114743022-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 03:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2739
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 05:17:30 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F655 15 KB
6 KB 158ms
51ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=investtorg.ru&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://investtorg.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 04:03:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 809583
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rtrg
vk.com/ 49 B
575 B 83ms
83ms Image
image/gif 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-964336-hAXNz&metatag_url=https%3A%2F%2Finvesttorg.ru%2F&metatag_title=%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%20%D0%B8%20%D0%BA%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85%20%D0%BF%D0%BE%D0%BC%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%85%20%D0%B2%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B5%20%D0%B8%20%D0%9B%D0%9E%20%D0%BE%D1%82%20%D0%B7%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%89%D0%B8%D0%BA%D0%B0.%20

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-132-240-87.vk.com

Software

kittenx / KPHP/7.4.113460

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: gzip
x-frontend: front220207
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.113460
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 53.a627a55848be3d13fb02.js Show response
mod.calltouch.ru/ 2 KB
2 KB 92ms
86ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/53.a627a55848be3d13fb02.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=71454638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 16e9008855246bf995d835d0414b34eba14001d4b22a426acf13e4ea591765aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:09 GMT
server: nginx
etag: W/"640755f8-967"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 d_client_new.js Show response
mod.calltouch.ru/ 6 KB
3 KB 289ms
286ms Script
text/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/d_client_new.js?param;;ref;urlhttps%3A%2F%2Finvesttorg.ru%2F;cook&mod_id=71454638&script_session_id=186c4897ae1.e7b&ctObject=ct&uniq_req_id=167833458965990015&ctClientGlobalId=
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=71454638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 81bbf5439b0c90ba2459a9530d33212495382a068ebdd43d1e6e29903599135a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:09 GMT
server: nginx
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame F655
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=investtorg.ru&sn=ChromeSyncframe&so=0&topUrl=investtorg.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ElGG63xXdWc4SGNCeU9CMkh0emFLQ2ZQbGJLWDhTLzlYcVJNVkRlUVc5NS9mUEJOY3BCVHJTMHFheU1Za0NZbkJ6Wm0ydGJYYWgzS2Zyd1ZzU1RQZTFnRS9VTm1xUjYxeTlLeXJXa2RmN3hpVDFpYkZsbnIxZURBWUVNT2...

419 B
650 B

177ms
54ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ElGG63xXdWc4SGNCeU9CMkh0emFLQ2ZQbGJLWDhTLzlYcVJNVkRlUVc5NS9mUEJOY3BCVHJTMHFheU1Za0NZbkJ6Wm0ydGJYYWgzS2Zyd1ZzU1RQZTFnRS9VTm1xUjYxeTlLeXJXa2RmN3hpVDFpYkZsbnIxZURBWUVNT2JwL1hPTlhLeVdCNVRIWVhSVjZtZ1d1Q3R3bXFpcjJ0Qkw4QktuRzNyNzVzMWhpZlNJMmxIWmRvNDI0RVFzUTlnUStlNGtTVTBMOHYzK3FER1dKV3ZtclczY1Y3R280R3ByeW5QRDByK0s0YjZVU1d3QTlmRFpnVzZxdXpORlV6YnJIcEdRaWRpT2ZoWEs0V2pkZ0tTbWhJSmlkejhVZz09fA&cppv=2

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e4d7998384b69a87ac34116892ff18aa10702bdb49ef0d6f84a67538a32b7a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2370652
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ElGG63xXdWc4SGNCeU9CMkh0emFLQ2ZQbGJLWDhTLzlYcVJNVkRlUVc5NS9mUEJOY3BCVHJTMHFheU1Za0NZbkJ6Wm0ydGJYYWgzS2Zyd1ZzU1RQZTFnRS9VTm1xUjYxeTlLeXJXa2RmN3hpVDFpYkZsbnIxZURBWUVNT2JwL1hPTlhLeVdCNVRIWVhSVjZtZ1d1Q3R3bXFpcjJ0Qkw4QktuRzNyNzVzMWhpZlNJMmxIWmRvNDI0RVFzUTlnUStlNGtTVTBMOHYzK3FER1dKV3ZtclczY1Y3R280R3ByeW5QRDByK0s0YjZVU1d3QTlmRFpnVzZxdXpORlV6YnJIcEdRaWRpT2ZoWEs0V2pkZ0tTbWhJSmlkejhVZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 548225
content-length: 0
expires: 0

GET
H2 200 widget_loader.css
widget.iflat.io/static/css/ 772 B
656 B 60ms
48ms Stylesheet
text/css 2606:4700:3036::6815:38ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.iflat.io/static/css/widget_loader.css
Requested by: Host: widget.iflat.io
URL: https://widget.iflat.io/static/js/widget_loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ffc4f2bf836c0affd02050cfa2d8e28817b62c6fdeae435b089862260f557b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 11:47:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2157
etag: W/"63f4af47-304"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTlwuWMo5SUq3a%2BH7Qvzosw%2FTx3%2Bv0sMXvLBNT2v48Dt%2FaDHUfrPwkv0vsQkjdXWsSrbI%2BxSRj79SsQXFTfFH8RypPIv4JhZ7Ea9AQIZqa7oTDtH3ZU7HR3m%2Fx0SkPvvr%2BTDJggW7kx564gf33A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a506d31ee6b9a41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 639054ac46cfc Show response
iflat.io/api/v1/widgets/ 451 B
834 B 621ms
256ms XHR
application/json 2606:4700:3037::ac43:89b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iflat.io/api/v1/widgets/639054ac46cfc?only=button_design,publish
Requested by: Host: widget.iflat.io
URL: https://widget.iflat.io/static/js/widget_loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:89b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f723a1d09f0d54efce1435098cf3b4de550d406677d712a997d503a841e3374e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ratelimit-remaining: 99
vary: Origin
content-type: application/json
access-control-allow-origin: https://investtorg.ru
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryFSpzSGvMpf4PMntgU3VQG65%2F%2F75pvjBY3mS4T5bxcvh5FzjlIYfmTbP4tAGopYBQYYy3od5mEIIUChbjVbqV2xGZbQWNzgcDVfknw%2BTuHHemGpPQ2oP8Opb1VSRMZ7LtuMmTKA4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 100
cf-ray: 7a506d3439943653-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 89ms
87ms XHR
text/plain 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=842725146&t=pageview&_s=1&dl=https%3A%2F%2Finvesttorg.ru%2F&ul=en-us&de=UTF-8&dt=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1211584353&gjid=1811243043&cid=2008777207.1678334590&tid=UA-114743022-6&_gid=1219162247.1678334590&_r=1&gtm=457e3360&z=938990778

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://investtorg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://investtorg.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
ad.mail.ru/retarget/ 43 B
384 B 361ms
76ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/retarget/?counter=3290845&list=VALUE&productid=VALUE&pagetype=VALUE&totalvalue=VALUE&_=0.2040718487235409
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 04:03:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
960 B 90ms
88ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3290845;u=https%3A//investtorg.ru/;st=1678334588951;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334589753%3A1%3A5f6c768064a96176a1e9cdee21580a94;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.8361774418318499;e=IV%3AVALUE/VALUE%3BVALUE%3BVALUE

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
959 B 93ms
91ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3290845;u=https%3A//investtorg.ru/;st=1678334588951;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334589755%3A2%3A5f6c768064a96176a1e9cdee21580a94;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.31162520403346505

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
959 B 94ms
92ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3241328;u=https%3A//investtorg.ru/;st=1678334588951;pid=USER_ID;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334589755%3A3%3A5f6c768064a96176a1e9cdee21580a94;opts=sec%2Cdl%2Cjst-gtag-ga-vk;visible=true;_=0.8446636507046508

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
962 B 95ms
93ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3282096;u=https%3A//investtorg.ru/;st=1678334588951;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334589756%3A4%3A5f6c768064a96176a1e9cdee21580a94;opts=sec%2Cdl%2Cjst-gtag-ga-vk;visible=true;_=0.5854516039201489

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
959 B 96ms
95ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3282093;u=https%3A//investtorg.ru/;st=1678334588951;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334589756%3A5%3A5f6c768064a96176a1e9cdee21580a94;opts=sec%2Cdl%2Cjst-gtag-ga-vk;visible=true;_=0.3551701415408415

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9936.cfdg9n0FUONsl7yFLwTQmIDSGVU-aWhNQnCJZYIhf0_hmvArJIYRPa_ZJhOBtqV6.PtDVDeKPNfOZqrDHbPR2yhyjqAs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9936.tnPljFC3ZgDGR3iiCBxat4LAGMz-ZLuTXIHSLCnaivvNoHljE5GtCgeQjhkeRuUNzCRXOX5DhqVLY5lTxqLu3bcMrXHWrKaq3J4XFqoNtJk%2C.cUXlUD8G8tUDG_1rPAPWgtnnOXY%2C

43 B
91 B

97ms
97ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9936.tnPljFC3ZgDGR3iiCBxat4LAGMz-ZLuTXIHSLCnaivvNoHljE5GtCgeQjhkeRuUNzCRXOX5DhqVLY5lTxqLu3bcMrXHWrKaq3J4XFqoNtJk%2C.cUXlUD8G8tUDG_1rPAPWgtnnOXY%2C

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9936.tnPljFC3ZgDGR3iiCBxat4LAGMz-ZLuTXIHSLCnaivvNoHljE5GtCgeQjhkeRuUNzCRXOX5DhqVLY5lTxqLu3bcMrXHWrKaq3J4XFqoNtJk%2C.cUXlUD8G8tUDG_1rPAPWgtnnOXY%2C
date: Thu, 09 Mar 2023 04:03:09 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 92ms
79ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:09 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 09 Mar 2023 05:03:09 GMT

OPTIONS
H2 204 set_external_data.php
mod.calltouch.ru/ Frame 0
0 240ms
89ms Preflight
text/plain 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_external_data.php?id=71454638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://investtorg.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 09 Mar 2023 04:03:10 GMT
expires: -1
last-modified: Thursday, 09-Mar-2023 04:03:10 GMT
pragma: no-cache
server: nginx
x-ct-fe: ct-mod-front01b

POST
H2 200 set_external_data.php Show response
mod.calltouch.ru/ 2 B
428 B 98ms
92ms XHR
text/html 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_external_data.php?id=71454638
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=71454638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://investtorg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 global_cookie.php Show response
mod.calltouch.ru/ 36 B
650 B 95ms
88ms XHR
text/html 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/global_cookie.php?ctClientGlobalId=&domain=https://investtorg.ru
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=71454638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: c6d1bb9543463c8a417bfc85d37a6a8b421c1e76d7a62363046aba0ffdbe0abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://investtorg.ru
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 init-widget.js Show response
mod.calltouch.ru/front/ 2 KB
1 KB 94ms
90ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/init-widget.js?ctObject=ct&rand=9829699
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/53.a627a55848be3d13fb02.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: dc0425b4650f4ce61932be6ed485546da24b0d8a50c9008b9c5bfd894b3da443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:10 GMT
server: nginx
etag: W/"63f5ba85-9a8"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 16.0d639e14546cd72aaa6d.js Show response
mod.calltouch.ru/ 1 KB
1 KB 99ms
95ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/16.0d639e14546cd72aaa6d.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=71454638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 91c088c5a227b2d78d4234992ed128b5031fdf6c9b3d8954472610074d9a947d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:10 GMT
server: nginx
etag: W/"640755f8-5a4"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2

200

beelineAID.php
mod.calltouch.ru/
Redirect Chain

https://793ccb0eb3a74fa7a5b0e5211e8ca917.ops.beeline.ru/?id=71454638t2967328528&siteId=10465&sessionId=2967328528
https://mod.calltouch.ru/beelineAID.php?id=71454638t2967328528&siteId=10465&sessionId=2967328528&beeaid=6d4f1cd3-83a1-4385-9a21-9f1d38cefe20

2 B
428 B

289ms
280ms

Image
text/html

92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mod.calltouch.ru/beelineAID.php?id=71454638t2967328528&siteId=10465&sessionId=2967328528&beeaid=6d4f1cd3-83a1-4385-9a21-9f1d38cefe20
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: H2
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

Redirect headers

date: Thu, 09 Mar 2023 04:03:10 GMT
x-route: https://upstream_ops_beeline
server: nginx
x-threads: 0
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
location: https://mod.calltouch.ru/beelineAID.php?id=71454638t2967328528&siteId=10465&sessionId=2967328528&beeaid=6d4f1cd3-83a1-4385-9a21-9f1d38cefe20
access-control-allow-credentials: true
x-host: 192.168.152.62
access-control-allow-headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0

GET
H/1.1 200
OK ct
tech.rtb.mts.ru/ 95 B
763 B 318ms
76ms Image
image/png 213.87.44.187
MTSNET Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tech.rtb.mts.ru/ct?event_type=page_view&return_img=true&mod_id=71454638&session_id=2967328528
Requested by: Host: investtorg.ru
URL: https://investtorg.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.87.44.187 , Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS: infrastructure-187-44.mts.ru
Software: nginx/1.20.2 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 04:03:10 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 346ms
107ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=86664&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvh&p4=e%3Ddis&adce=1&bundle=MuKiw19UQ3BKaGxGeGtkanh5S0JLMHV4eFZOb2diZDFGaktWdSUyRmJzdGlwMTdDRlRPc0VqOE9kQ0FIUW90cTBiM25VbkpZdGVtVWxFRVhGVTlWNXVBSXB5Wmx1UlU0WHhJY0pJcm4wdEVBb3d2N2V6RzgzV2JPQnM2NE5NaSUyQm8xa0NzdjJic1pQbkZGcWlWa3JORmVqUjU4ZkJBJTNEJTNE&tld=investtorg.ru&fu=https%253A%252F%252Finvesttorg.ru%252F&dtycbr=49291

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f1ee283fe978f44746a1d4559f2d13470de9690469ad48fc997b65a139793803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16377970
timing-allow-origin: *
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 164ms
51ms XHR
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-114743022-6&cid=2008777207.1678334590&jid=1211584353&gjid=1811243043&_gid=1219162247.1678334590&_u=YEBAAUAAAAAAACAAI~&z=595834624

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://investtorg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://investtorg.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 set_external_data.php Show response
mod.calltouch.ru/ 3 B
429 B 107ms
102ms XHR
text/html 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_external_data.php
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=71454638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://investtorg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

OPTIONS
H2 204 set_external_data.php
mod.calltouch.ru/ Frame 0
0 141ms
90ms Preflight
text/plain 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_external_data.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://investtorg.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 09 Mar 2023 04:03:10 GMT
expires: -1
last-modified: Thursday, 09-Mar-2023 04:03:10 GMT
pragma: no-cache
server: nginx
x-ct-fe: ct-mod-front01b

GET
H2 200 widget.js Show response
mod.calltouch.ru/front/ Frame D0F0 984 KB
281 KB 86ms
83ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/init-widget.js?ctObject=ct&rand=9829699
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: ca78f1c91e22b58ed2f43fb14fb15af2591ebefc8cd752e9cba1aa9eec2cf1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:10 GMT
server: nginx
etag: W/"63f5ba85-f5ed4"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2

200

1 Show response
mc.yandex.com/watch/78777663/
Redirect Chain

https://mc.yandex.com/watch/78777663?wmode=7&page-url=https%3A%2F%2Finvesttorg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...
https://mc.yandex.com/watch/78777663/1?wmode=7&page-url=https%3A%2F%2Finvesttorg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...

428 B
511 B

89ms
88ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/78777663/1?wmode=7&page-url=https%3A%2F%2Finvesttorg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1105154318867%3Ahid%3A6890435%3Az%3A0%3Ai%3A20230309040309%3Aet%3A1678334590%3Ac%3A1%3Arn%3A169393857%3Arqn%3A1%3Au%3A1678334590437383718%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C159%2C279%2C87%2C369%2C0%2C%2C351%2C0%2C%2C%2C%2C1247%3Aco%3A0%3Acpf%3A1%3Ans%3A1678334587704%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678334590%3At%3A%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

171ad6670752e6db4e3f219ceb666ab8796d459a53f6a933376c3a40aff94c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 09-Mar-2023 04:03:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://investtorg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 04:03:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Mar-2023 04:03:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/78777663/1?wmode=7&page-url=https%3A%2F%2Finvesttorg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1105154318867%3Ahid%3A6890435%3Az%3A0%3Ai%3A20230309040309%3Aet%3A1678334590%3Ac%3A1%3Arn%3A169393857%3Arqn%3A1%3Au%3A1678334590437383718%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C159%2C279%2C87%2C369%2C0%2C%2C351%2C0%2C%2C%2C%2C1247%3Aco%3A0%3Acpf%3A1%3Ans%3A1678334587704%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678334590%3At%3A%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://investtorg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 04:03:10 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 212ms
77ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-114743022-6&cid=2008777207.1678334590&jid=1211584353&_u=YEBAAUAAAAAAACAAI~&z=1468017983

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 220ms
85ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-114743022-6&cid=2008777207.1678334590&jid=1211584353&_u=YEBAAUAAAAAAACAAI~&z=1468017983

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9936.OqMEnyVKrAzyzedHb1kD73wRdf5QMwl8Sr2Ro3TKI_Dqoi53PLApdnnYSzCgOFEZ.rutOwKPdLXF1NoPZVc1y8HEDVmg%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9936.ODff7kfhhQa3yqzDDNbCbVS--fB3GC6urhGllen4HkJwy2hzu_HzQUL7jhnkB5TCtZ0LU2QFyYdcuFXzTUmXe5lh6qMJd_lDQ9FvYFScAjY%2C.DS_s_7P6mwpu3WQAB7...

43 B
98 B

84ms
80ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9936.ODff7kfhhQa3yqzDDNbCbVS--fB3GC6urhGllen4HkJwy2hzu_HzQUL7jhnkB5TCtZ0LU2QFyYdcuFXzTUmXe5lh6qMJd_lDQ9FvYFScAjY%2C.DS_s_7P6mwpu3WQAB7dO9wcM17s%2C

Requested by

Host: investtorg.ru
URL: https://investtorg.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9936.ODff7kfhhQa3yqzDDNbCbVS--fB3GC6urhGllen4HkJwy2hzu_HzQUL7jhnkB5TCtZ0LU2QFyYdcuFXzTUmXe5lh6qMJd_lDQ9FvYFScAjY%2C.DS_s_7P6mwpu3WQAB7dO9wcM17s%2C
date: Thu, 09 Mar 2023 04:03:10 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
875 B 93ms
91ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3290845;u=https%3A//investtorg.ru/;st=1678334588951;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1678334587704/////369/370/371/371/530/448/530/809/896/812/1247/1247/1247/2924/2925/;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334590631%3A6%3A5f6c768064a96176a1e9cdee21580a94;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.23041630770509736;e=RT/load;et=1678334590629

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
875 B 95ms
93ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3241328;u=https%3A//investtorg.ru/;st=1678334588951;pid=USER_ID;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1678334587704/////369/370/371/371/530/448/530/809/896/812/1247/1247/1247/2924/2925/;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334590635%3A7%3A5f6c768064a96176a1e9cdee21580a94;opts=sec%2Cdl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.6047191149797007;e=RT/load;et=1678334590629

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
874 B 96ms
95ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3282096;u=https%3A//investtorg.ru/;st=1678334588951;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1678334587704/////369/370/371/371/530/448/530/809/896/812/1247/1247/1247/2924/2925/;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334590636%3A8%3A5f6c768064a96176a1e9cdee21580a94;opts=sec%2Cdl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.6753003656965804;e=RT/load;et=1678334590629

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
872 B 97ms
97ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3282093;u=https%3A//investtorg.ru/;st=1678334588951;title=%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D1%82%D0%BE%D1%80%D0%B3;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d7b5cf4d5b2a0687;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1678334587704/////369/370/371/371/530/448/530/809/896/812/1247/1247/1247/2924/2925/;ni=9.5//4g/0/0/;lvid=1678334589742%3A1678334590636%3A9%3A5f6c768064a96176a1e9cdee21580a94;opts=sec%2Cdl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.9196297960632169;e=RT/load;et=1678334590629

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame DA08
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-e9Wi5PJPKGsiw9N4Olt5qk6Ky1CFiIp7LchSYw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e9Wi5PJPKGsiw9N4Olt5qk6Ky1CFiIp7LchSYw&expires=30

43 B
345 B

44ms
44ms

Image
image/gif

18.196.177.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e9Wi5PJPKGsiw9N4Olt5qk6Ky1CFiIp7LchSYw&expires=30
Protocol: H2
Server: 18.196.177.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-177-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e9Wi5PJPKGsiw9N4Olt5qk6Ky1CFiIp7LchSYw&expires=30
date: Thu, 09 Mar 2023 04:03:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DA08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_cm&google_hm=ay1NNE5wQ2ZKUEtHc2l3OU40T2x0NXFrNkt5MUNkSThES...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_cm=&google_hm=ay1NNE5wQ2ZKUEtHc2l3OU40T2x0NXFrNkt5MUNkSTh...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_gid=CAESEH-QlBLmSZwOX0FTnPHSx2s&google_cver=1&google_ula=913071,0

43 B
371 B

716ms
408ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_gid=CAESEH-QlBLmSZwOX0FTnPHSx2s&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1417064
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M4NpCfJPKGsiw9N4Olt5qk6Ky1CdI8DJe0f4iw&google_gid=CAESEH-QlBLmSZwOX0FTnPHSx2s&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DA08
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5696649827099633135

43 B
370 B

825ms
409ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5696649827099633135

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2061357
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 04:03:10 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6e2a98cf-2375-47d8-89fc-62020a26c2e4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5696649827099633135
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame DA08
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-9zGW0fJPKGsiw9N4Olt5qk6Ky1C5DN9_owwo6A
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-9zGW0fJPKGsiw9N4Olt5qk6Ky1C5DN9_owwo6A

43 B
1 KB

47ms
42ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-9zGW0fJPKGsiw9N4Olt5qk6Ky1C5DN9_owwo6A

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 04:03:10 GMT
AN-X-Request-Uuid: 977407fd-e7a9-4a12-aff9-b3562dc430b7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 04:03:10 GMT
AN-X-Request-Uuid: 1224035d-82e4-4e8e-870b-642ce495d32a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-9zGW0fJPKGsiw9N4Olt5qk6Ky1C5DN9_owwo6A
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame DA08 237 B
979 B 224ms
86ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-YIs59vJPKGsiw9N4Olt5qk6Ky1D9GxEGF8F39Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 04:03:10 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Thu, 09 Mar 2023 04:03:10 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame DA08 0
239 B 214ms
44ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-RTGxWfJPKGsiw9N4Olt5qk6Ky1D2eBMQrjff7Q&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame DA08 0
35 B 221ms
43ms Image
text/plain 18.193.246.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-MQKb3vJPKGsiw9N4Olt5qk6Ky1BIQ1aCr1j90w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.246.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-246-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame DA08 43 B
114 B 280ms
49ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-qAUfpfJPKGsiw9N4Olt5qk6Ky1BQLSgygN1VuA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DA08 0
99 B 174ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-RmZA-fJPKGsiw9N4Olt5qk6Ky1B6jcDpXGxtRg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41859

GET
H2 200 um
criteo-sync.teads.tv/ Frame DA08 23 B
172 B 364ms
89ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-K9U53PJPKGsiw9N4Olt5qk6Ky1BVbJK2jFs9Bw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Thu, 09 Mar 2023 04:03:10 GMT
pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame DA08 37 B
140 B 163ms
41ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-69fSiPJPKGsiw9N4Olt5qk6Ky1AzV-ZssvlkVw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame DA08
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4dRx1_JPKGsiw9N4Olt5qk6Ky1DiHqq5r3e4hw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4dRx1_JPKGsiw9N4Olt5qk6Ky1DiHqq5r3e4hw&verify=true

0
121 B

73ms
49ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4dRx1_JPKGsiw9N4Olt5qk6Ky1DiHqq5r3e4hw&verify=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4dRx1_JPKGsiw9N4Olt5qk6Ky1DiHqq5r3e4hw&verify=true
date: Thu, 09 Mar 2023 04:03:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame DA08 43 B
163 B 136ms
39ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-7LtuYfJPKGsiw9N4Olt5qk6Ky1DNyJYhK8Ostw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
last-modified: Wed, 11 Oct 2017 14:26:30 GMT
server: nginx
accept-ranges: bytes
etag: "59de2a16-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame DA08 49 B
235 B 198ms
54ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-GPZpuvJPKGsiw9N4Olt5qk6Ky1D5vPjTftguhQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:10 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame DA08
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rCwD_PJPKGsiw9N4Olt5qk6Ky1CCU_omiViu5Q
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rCwD_PJPKGsiw9N4Olt5qk6Ky1CCU_omiViu5Q&C=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rCwD_PJPKGsiw9N4Olt5qk6Ky1CCU_omiViu5Q&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 04:03:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 04:03:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-rCwD_PJPKGsiw9N4Olt5qk6Ky1CCU_omiViu5Q&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame DA08
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ckUOrMR4Fq_X2MNdpBMhQiHNrdtO9zz-
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ckUOrMR4Fq_X2MNdpBMhQiHNrdtO9zz-

42 B
942 B

57ms
57ms

Image
image/gif

52.48.213.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ckUOrMR4Fq_X2MNdpBMhQiHNrdtO9zz-

Protocol

HTTP/1.1

Server

52.48.213.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-213-254.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0bf7d8264.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wwtLFYu0QSA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-04e0e9a66.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4mXUsHkFRkU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ckUOrMR4Fq_X2MNdpBMhQiHNrdtO9zz-
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame DA08 43 B
1 KB 147ms
47ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-T097TPJPKGsiw9N4Olt5qk6Ky1AdJnJsToJK8Q

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 09 Mar 2023 04:03:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame DA08
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ghpU0vJPKGsiw9N4Olt5qk6Ky1BDumMzh11i8A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ghpU0vJPKGsiw9N4Olt5qk6Ky1BDumMzh11i8A

43 B
447 B

45ms
45ms

Image
image/gif

52.58.252.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ghpU0vJPKGsiw9N4Olt5qk6Ky1BDumMzh11i8A
Protocol: H2
Server: 52.58.252.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-252-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 04:03:11 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ghpU0vJPKGsiw9N4Olt5qk6Ky1BDumMzh11i8A
date: Thu, 09 Mar 2023 04:03:11 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame DA08 42 B
274 B 180ms
55ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-zU3q7_JPKGsiw9N4Olt5qk6Ky1ALrVSoXTi2ww
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:10 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame DA08 0
885 B 174ms
50ms Image
text/html 52.58.131.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pMmQf_JPKGsiw9N4Olt5qk6Ky1AOOxkFrOYRMw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.131.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-131-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:11 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame DA08 0
145 B 231ms
48ms Image
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-S_NGK_JPKGsiw9N4Olt5qk6Ky1BO_hc4MUSXFw&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 04:03:11 GMT
Cache-Control: no-cache
X-TraceId: b0c831dd732ef4b09b416b8bb2ee844c
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame DA08 42 B
580 B 164ms
48ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-qbhaRPJPKGsiw9N4Olt5qk6Ky1BSBXriF7d5IA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 04:03:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame DA08 43 B
183 B 389ms
118ms Image
image/gif 2600:1f18:612b:4232:859f:deb5:f2bd:dfa1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Aeva__JPKGsiw9N4Olt5qk6Ky1DRJNzrLBmozw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:859f:deb5:f2bd:dfa1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 09 Mar 2023 04:03:11 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame DA08 43 B
153 B 139ms
35ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-yfgTbPJPKGsiw9N4Olt5qk6Ky1D-X3y6Wjmzjw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 04:03:11 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame DA08 0
525 B 206ms
71ms Image
text/plain 104.96.129.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-akWBfPJPKGsiw9N4Olt5qk6Ky1DI7IpVLUFzSw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.129.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-129-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 04:03:11 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 08 Mar 2023 04:03:11 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame DA08 0
38 B 1275ms
235ms Image
text/plain 52.209.66.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-aCWaq_JPKGsiw9N4Olt5qk6Ky1DLnKyKYt0FVg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.66.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-66-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:12 GMT
content-length: 0

POST
H2 200 callback_load.php Show response
mod.calltouch.ru/ Frame D0F0 14 KB
4 KB 186ms
182ms XHR
application/json 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/callback_load.php
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 1e6575d7b318c1dd1c85eb9721033030c8c11fb9004fc1e7aa43e22d43806315

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

OPTIONS
H2 204 callback_load.php
mod.calltouch.ru/ Frame 0
0 94ms
92ms Preflight
text/plain 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/callback_load.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://investtorg.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 09 Mar 2023 04:03:10 GMT
expires: -1
last-modified: Thursday, 09-Mar-2023 04:03:10 GMT
pragma: no-cache
server: nginx
x-ct-fe: ct-mod-front01b

GET
H2 200 2077.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 69 KB
25 KB 112ms
98ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/2077.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: c52ea00e19147adbf8bd9c76c48937acd5cb4b5f2a4b08aeac636f2788074863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-11371"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 4144.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 22 KB
6 KB 113ms
99ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/4144.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 3bdfb3de8b83918fedaac9ce5fb7c87e8b0d872c3a5a77c30d7bf5d13e5ef689

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-5959"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DA08
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=fAnNBTWHGxLsQr2daUByRch5f2g858Va

0
338 B

217ms
54ms

Image
text/plain

99.81.95.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=fAnNBTWHGxLsQr2daUByRch5f2g858Va
Protocol: H2
Server: 99.81.95.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-95-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Thu, 09 Mar 2023 04:03:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1678334591
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=fAnNBTWHGxLsQr2daUByRch5f2g858Va
date: Thu, 09 Mar 2023 04:03:11 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1126128
content-length: 0

GET
H2 200 4967.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 12 KB
4 KB 74ms
71ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/4967.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: babff6d451189c24c0f15bebc8aaef1a6bd01f838014effc00373aeb518fc264

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-2fc7"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 2181.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 17 KB
5 KB 74ms
73ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/2181.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: ad62c1ac34b5c90b87c69d737e8104d15f1d7ad6948fa7d383911d2c28c3e872

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-451b"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 2693.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 7 KB
3 KB 81ms
79ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/2693.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: af0924e9f6761658b0a119ba322879039de5a16e4b0889c1cdcc3b8098c4f46a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-1b7f"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 4637.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 35 KB
10 KB 437ms
437ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/4637.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: c507e329c1a3c77e2892da5432f4d2fc5284e6c7948d6e71eda3afa78a4f2bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-8b8d"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2

200

cs
s.thebrighttag.com/ Frame DA08
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ITtxbtdSaTnyId52NbDUWsCtY18eHm5c

35 B
268 B

466ms
129ms

Image
image/gif

18.188.81.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ITtxbtdSaTnyId52NbDUWsCtY18eHm5c
Protocol: H2
Server: 18.188.81.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-188-81-199.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
x-bt-requestid: 4f2616b0-be2f-11ed-92a7-0000ac17017a
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ITtxbtdSaTnyId52NbDUWsCtY18eHm5c
date: Thu, 09 Mar 2023 04:03:11 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1046583
content-length: 0

POST
H2 200 widget_event.php Show response
mod.calltouch.ru/ Frame D0F0 1 B
458 B 98ms
98ms XHR
application/json 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/widget_event.php
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

OPTIONS
H2 204 widget_event.php
mod.calltouch.ru/ Frame 0
0 71ms
70ms Preflight
text/plain 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/widget_event.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://investtorg.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 09 Mar 2023 04:03:11 GMT
expires: -1
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
pragma: no-cache
server: nginx
x-ct-fe: ct-mod-front01b

GET
H2 200 1445.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 2 KB
1 KB 70ms
70ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/1445.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 5453ad6f1135f0d2973accec99280034739ae7edf51f7546c74a382a045163ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-6e3"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 918.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 2 KB
1 KB 70ms
70ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/918.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: ab91ee01c1aab26cf8a3b46db7e353e6f79cfcdd712f62b790289269d88a2c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-6ed"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

GET
H2 200 1797.e8d553a43efce18924df.js Show response
mod.calltouch.ru/front/ Frame D0F0 2 KB
2 KB 81ms
80ms Script
application/javascript 92.118.67.2
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/front/1797.e8d553a43efce18924df.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/front/widget.js?version=97308743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS: ct-mod-front01.calltouch.net
Software: nginx /
Resource Hash: 76dc30075544930aecef47b4882aa144ea64abee1bb870914340877ad96054dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:11 GMT
content-encoding: gzip
last-modified: Thursday, 09-Mar-2023 04:03:11 GMT
server: nginx
etag: W/"63f5ba85-9a6"
vary: Accept-Encoding
x-ct-fe: ct-mod-front01b
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: -1

POST
H2 200 78777663 Show response
mc.yandex.com/webvisor/ 43 B
145 B 322ms
84ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/78777663?wmode=0&wv-part=1&wv-hit=6890435&page-url=https%3A%2F%2Finvesttorg.ru%2F&rn=357049245&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678334593%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230309040313%3Au%3A1678334590437383718%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678334593&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://investtorg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:13 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Mar-2023 04:03:13 GMT
content-type: image/gif
access-control-allow-origin: https://investtorg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 04:03:13 GMT

POST
H2 200 78777663 Show response
mc.yandex.com/webvisor/ 43 B
97 B 79ms
78ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/78777663?wmode=0&wv-part=1&wv-hit=6890435&page-url=https%3A%2F%2Finvesttorg.ru%2F&rn=401453858&wv-type=3&browser-info=we%3A1%3Aet%3A1678334594%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230309040313%3Au%3A1678334590437383718%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678334594&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://investtorg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:13 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Mar-2023 04:03:13 GMT
content-type: image/gif
access-control-allow-origin: https://investtorg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 04:03:13 GMT

GET
H2 200 lovable-young-woman-white-sneakers-posing-with-present-box-fascinating-girl-making-kissing-face-expressing-while-holding-big-gift2.webp
investtorg.ru/content/slideshow_index/xl_webp/ 13 KB
14 KB 155ms
155ms Image
image/webp 91.189.114.18
RU-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investtorg.ru/content/slideshow_index/xl_webp/lovable-young-woman-white-sneakers-posing-with-present-box-fascinating-girl-making-kissing-face-expressing-while-holding-big-gift2.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.189.114.18 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS: wcarp.hosting.nic.ru
Software: openresty /
Resource Hash: 889e2bb273e5d92a728f6fb4c08a3daa3aa17de67e3702875e86c237d28e8d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investtorg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:03:14 GMT
last-modified: Fri, 03 Mar 2023 14:38:14 GMT
server: openresty
etag: "64020656-3542"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13634
expires: Fri, 08 Mar 2024 04:03:14 GMT

POST
H2 200 78777663 Show response
mc.yandex.com/webvisor/ 43 B
145 B 83ms
82ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/78777663?wmode=0&wv-part=2&wv-hit=6890435&page-url=https%3A%2F%2Finvesttorg.ru%2F&rn=444537581&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678334595%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230309040314%3Au%3A1678334590437383718%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678334595&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://investtorg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 04:03:14 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Mar-2023 04:03:14 GMT
content-type: image/gif
access-control-allow-origin: https://investtorg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 04:03:14 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
investtorg.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: c0212ae49e29cdd216bdac1a499d77e2
.vk.com/	1970-01-20 19:04:00	Name: remixlang Value: 6
.vk.com/	1970-01-20 18:57:50	Name: remixstlid Value: 9085403444166386688_2e2t091OcQhB3vCElhWBFZ9OYLjJVz5AovkcebuamBc
.criteo.com/	1970-01-20 19:33:50	Name: uid Value: da0993cd-9b37-4492-869e-3d3145779808
.investtorg.ru/	1970-01-20 19:48:14	Name: _ga Value: GA1.2.2008777207.1678334590
.investtorg.ru/	1970-01-20 10:13:40	Name: _gid Value: GA1.2.1219162247.1678334590
.investtorg.ru/	1970-01-20 10:12:14	Name: _gat_gtag_UA_114743022_6 Value: 1
.investtorg.ru/	1970-01-20 18:11:45	Name: tmr_lvid Value: 5f6c768064a96176a1e9cdee21580a94
.investtorg.ru/	1970-01-20 18:11:45	Name: tmr_lvidTS Value: 1678334589742
.investtorg.ru/	1970-01-20 18:57:50	Name: _ym_uid Value: 1678334590437383718
.investtorg.ru/	1970-01-20 18:57:50	Name: _ym_d Value: 1678334590
.mc.yandex.com/	1970-01-20 10:12:15	Name: sync_cookie_csrf Value: 233487541fake
.investtorg.ru/	1970-01-20 10:13:26	Name: _ym_isad Value: 2
investtorg.ru/	1969-12-31 23:59:59	Name: _ct_ids Value: 71454638%3A10465%3A2967328528
investtorg.ru/	1969-12-31 23:59:59	Name: _ct_session_id Value: 2967328528
investtorg.ru/	1969-12-31 23:59:59	Name: _ct_site_id Value: 10465
.investtorg.ru/	1970-01-20 10:12:16	Name: call_s Value: %3C!%3E%7B%2271454638%22%3A%5B1678336389%2C2967328528%2C%7B%22126776%22%3A%22393256%22%7D%5D%2C%22d%22%3A2%7D%3C!%3E
investtorg.ru/	1970-01-20 19:48:14	Name: _ct Value: 300000001472896709
.mc.yandex.ru/	1970-01-20 10:12:15	Name: sync_cookie_csrf Value: 3918836607fake
.investtorg.ru/	1970-01-20 19:41:38	Name: cto_bundle Value: MuKiw19UQ3BKaGxGeGtkanh5S0JLMHV4eFZOb2diZDFGaktWdSUyRmJzdGlwMTdDRlRPc0VqOE9kQ0FIUW90cTBiM25VbkpZdGVtVWxFRVhGVTlWNXVBSXB5Wmx1UlU0WHhJY0pJcm4wdEVBb3d2N2V6RzgzV2JPQnM2NE5NaSUyQm8xa0NzdjJic1pQbkZGcWlWa3JORmVqUjU4ZkJBJTNEJTNE
.mod.calltouch.ru/	1970-01-20 19:48:14	Name: _ct_client_global_id Value: cc06cd49-339b-5307-846e-5cd35fdbf2e1
investtorg.ru/	1970-01-20 19:48:14	Name: _ct_client_global_id Value: cc06cd49-339b-5307-846e-5cd35fdbf2e1
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 687713501678334590
.yandex.com/	1970-01-20 19:48:14	Name: i Value: M8UqA5M2SsMwtKmyRXflzmN2w6E9hRkdNxHK2E4/dKIR7e6ymwB5/7nVdeL1lEEBCevzEbMMQc3z1VN+tBrA3ter5xY=
.yandex.com/	1970-01-20 18:57:50	Name: yandexuid Value: 9073602731678334590
.yandex.com/	1970-01-20 18:57:50	Name: yuidss Value: 9073602731678334590
.yandex.com/	1970-01-20 18:57:50	Name: ymex Value: 1709870590.yc.1678334590#1709870590.yrts.1678334590#1709870590.yrtsi.1678334590
.mts.ru/	1970-01-20 19:48:14	Name: mts_id Value: 5456453b-6381-42f1-b48d-66d924395a43
.mts.ru/	1970-01-20 19:48:14	Name: mts_id_last_sync Value: 1678334590
investtorg.ru/	1969-12-31 23:59:59	Name: cted Value: modId%3D71454638%3Bclient_id%3D2008777207.1678334590%3Bya_client_id%3D1678334590437383718
.beeline.ru/	1969-12-31 23:59:59	Name: BeeAID Value: 6d4f1cd3-83a1-4385-9a21-9f1d38cefe20
.investtorg.ru/	1970-01-20 10:12:16	Name: _ym_visorc Value: w
.mail.ru/	1970-01-20 18:59:16	Name: VID Value: 1mcJv_3zMQ2G00000p1cP4IG:::0-0-0-923b33d:CAASEKjVVZKifOqm6yHgoYtWk04aYO1qMjlfPQPl3e3snBJcs0Xs398a_xh-MWC5IGgMZgsQleSmkfR-tVTe0y2NzHlqwlZN4lJJPalKRudypY3gZpQfOfMAC36Co4odkn1x15cUxMtmeFlhm3nIngeK_E5UWQ
.adnxs.com/	1970-01-20 12:21:50	Name: uuid2 Value: 5696649827099633135
.adnxs.com/	1970-01-20 12:21:50	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In8ok(BI!]tbPl@/D!9hy6]/Cwi-g!#R(gv%Xfbk@DVif/nwZt8vwl[`>]i.UukhWDb!bOK+v??lByZ%pu%bpRzqF1`*bd>v+jtCU
.media.net/	1970-01-20 18:57:50	Name: visitor-id Value: 3213361909085548000V10
.media.net/	1970-01-20 10:55:26	Name: data-c-ts Value: 1678334590
.media.net/	1970-01-20 10:55:26	Name: data-c Value: k-YIs59vJPKGsiw9N4Olt5qk6Ky1D9GxEGF8F39Q~~3
.doubleclick.net/	1970-01-20 19:33:50	Name: IDE Value: AHWqTUlBuBYxaimzjI6BuYa8gi9VEX9wmMuLSzce6GdPcqs-PXVm1dBJ5GuMasnmgeo
.casalemedia.com/	1970-01-20 18:57:50	Name: CMID Value: ZAlafiMfiCj57v4h5yE9SAAA
.casalemedia.com/	1970-01-20 12:21:50	Name: CMPS Value: 3170
.casalemedia.com/	1970-01-20 12:21:50	Name: CMPRO Value: 3170
.bidswitch.net/	1970-01-20 18:57:50	Name: tuuid Value: 97997a3a-12a7-4032-bad0-d20f9e350ff5
.bidswitch.net/	1970-01-20 18:57:50	Name: c Value: 1678334591
.bidswitch.net/	1970-01-20 18:57:50	Name: tuuid_lu Value: 1678334591
.demdex.net/	1970-01-20 14:31:26	Name: demdex Value: 65034029679141358101525704666950729035
.yahoo.com/	1970-01-20 18:58:12	Name: A3 Value: d=AQABBH9aCWQCEABXiJ5rrEf8DYQgP7OGgxYFEgEBAQGrCmQTZAAAAAAA_eMAAA&S=AQAAApuvADvw1uLl_ar6hna5qhQ
.id5-sync.com/	1970-01-20 10:12:14	Name: cf Value:
.id5-sync.com/	1970-01-20 10:12:14	Name: cip Value:
.id5-sync.com/	1970-01-20 10:12:14	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:12:14	Name: car Value:
.id5-sync.com/	1970-01-20 10:12:14	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:12:14	Name: callback Value:
.dpm.demdex.net/	1970-01-20 14:31:26	Name: dpm Value: 65034029679141358101525704666950729035
.analytics.yahoo.com/	1970-01-20 18:57:50	Name: IDSYNC Value: 18zh~2aes
exchange.mediavine.com/	1970-01-20 10:32:24	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%224eb77660-be2f-11ed-8516-d7e5f78a27dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:32:24	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224eb77660-be2f-11ed-8516-d7e5f78a27dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:32:24	Name: am_tokens Value: %7B%22mv_uuid%22%3A%224eb77660-be2f-11ed-8516-d7e5f78a27dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:32:24	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224eb77660-be2f-11ed-8516-d7e5f78a27dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:32:24	Name: criteo Value: %7B%22id%22%3A%22k-pMmQf_JPKGsiw9N4Olt5qk6Ky1AOOxkFrOYRMw%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 12:21:50	Name: tuuid Value: 936959d6-f497-40ac-80f1-c7854b3646e7
.360yield.com/	1970-01-20 12:21:50	Name: tuuid_lu Value: 1678334591
.pubmatic.com/	1970-01-20 10:55:26	Name: KRTBCOOKIE_97 Value: 3385-uid:k-qbhaRPJPKGsiw9N4Olt5qk6Ky1BSBXriF7d5IA&KRTB&23144-uid:k-qbhaRPJPKGsiw9N4Olt5qk6Ky1BSBXriF7d5IA&KRTB&23286-uid:k-qbhaRPJPKGsiw9N4Olt5qk6Ky1BSBXriF7d5IA&KRTB&23287-uid:k-qbhaRPJPKGsiw9N4Olt5qk6Ky1BSBXriF7d5IA
.pubmatic.com/	1970-01-20 10:55:26	Name: PugT Value: 1678334590
.360yield.com/	1970-01-20 12:21:50	Name: um Value: !38,Rqb8j.hSNE0nzTAkUblgVXrmrrQv1k9C0dzCpIPXg0I5CTZzizilPBE71Ig5RQQMS0MSDTSw,1686110591
.360yield.com/	1970-01-20 12:21:50	Name: umeh Value: !38,0,1740542591,-1
.krxd.net/	1970-01-20 14:31:26	Name: _kuid_ Value: PbG1PGxk
investtorg.ru/	1970-01-20 10:13:40	Name: tmr_detect Value: 0%7C1678334592088

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

793ccb0eb3a74fa7a5b0e5211e8ca917.ops.beeline.ru
a.twiago.com
ad.360yield.com
ad.mail.ru
ad.yieldlab.net
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
iflat.io
investtorg.ru
match.sharethrough.com
matching.ivitrack.com
mc.yandex.com
mc.yandex.ru
mod.calltouch.ru
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tech.rtb.mts.ru
top-fwz1.mail.ru
ups.analytics.yahoo.com
visitor.omnitagjs.com
vk.com
widget.iflat.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.96.129.75
141.226.228.48
141.95.98.64
142.251.208.98
178.250.0.157
178.250.0.163
178.250.1.9
18.188.81.199
18.193.246.45
18.196.177.146
185.255.84.153
185.64.190.80
185.80.39.216
185.86.139.94
20.13.96.71
213.87.44.187
23.203.125.36
2600:1f18:612b:4232:859f:deb5:f2bd:dfa1
2606:4700:3036::6815:38ea
2606:4700:3037::ac43:89b0
2a00:1148:db00::17
2a00:1450:400d:805::200e
2a00:1450:400d:808::2003
2a00:1450:400d:80c::2004
2a00:1450:400d:80c::2008
2a00:1450:4025:402::9c
2a02:2638::1c
2a02:2638::3
2a02:6b8::1:119
3.71.149.231
34.117.157.22
37.157.4.25
37.252.171.21
37.252.171.85
37.9.245.57
52.209.66.62
52.48.213.254
52.58.131.235
52.58.252.202
69.173.144.138
76.223.111.18
85.215.5.31
87.240.132.72
91.189.114.18
92.118.67.2
92.123.38.97
95.163.52.67
99.81.95.207
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
09ae5c716f18d01029f9dfd6a690c8a1890dc71d850bfc3e2a6b7063c9112d8e
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
121c007dd54dfc15656643c62e01dba86b884f9d64df6e10640da57bd1c5b0df
16e9008855246bf995d835d0414b34eba14001d4b22a426acf13e4ea591765aa
171ad6670752e6db4e3f219ceb666ab8796d459a53f6a933376c3a40aff94c15
1e6575d7b318c1dd1c85eb9721033030c8c11fb9004fc1e7aa43e22d43806315
1e8826549c5bd25323463d98fecad2cd80c0e0680af79932e56659c7df7d2d80
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3bdfb3de8b83918fedaac9ce5fb7c87e8b0d872c3a5a77c30d7bf5d13e5ef689
3c940f0c5a6dfa8f97f9728e2c764feb598cb38269e0be4ca1a714d4a90da6e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fde8058613c647246079d338befa7b86d4e3a0c67668cd47c63b9dac9ab4609
5453ad6f1135f0d2973accec99280034739ae7edf51f7546c74a382a045163ec
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
62c795ff5e28ef08ad705af3509318cbf82a0abec36222ce43499a863d697783
661beb7f3423f3ba0cd8da149ff2b140f6869b18c3314d33180fdb84112cd80a
699135d5efe9f988cb4dac1f37fbf7d938bd80f5d0969ffafb10ec5314e953f3
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
6fcead10ecddc70e25a6f74d2848355d6e1f0f488cb48d44b3b90c0ee96fe55f
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
76dc30075544930aecef47b4882aa144ea64abee1bb870914340877ad96054dd
7a3b6c8c1bd576df428e4825484b297245726cb014b78a14df032facc8aa8b41
7b86f73395b0c89d90a6724a84c5f914858bc86f517584ca7a4929016c21298e
80155ec50e9a619cfca9405b46720fc7175a25119edabbbe539928714e5ed2a7
81bbf5439b0c90ba2459a9530d33212495382a068ebdd43d1e6e29903599135a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
889e2bb273e5d92a728f6fb4c08a3daa3aa17de67e3702875e86c237d28e8d6e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e2b1252024663cdbe8df4bc8996a239c2c8de16674fc58933ebe87f6cc795ea
91c088c5a227b2d78d4234992ed128b5031fdf6c9b3d8954472610074d9a947d
92d761dba0a5726ae8adcb89f91001b95a8d6593903a5d0c8476be42fca13938
97ffc4f2bf836c0affd02050cfa2d8e28817b62c6fdeae435b089862260f557b
9c4e864630bc3d60d977502e3dbad2cd072dd5a2344aa55f0121391811246277
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a167b41ee96d6ce75cfcf33e64425304d306a4ad9bf2a5217a12dac3ce64a781
a38cbe8677da937df6f18f49f816b31af88f0beea1fad8c27a8e7670c5ec78fd
a699057b1cb03036eb50b71175336cb26347509077d98c6170831ac6de7f9ccc
ab91ee01c1aab26cf8a3b46db7e353e6f79cfcdd712f62b790289269d88a2c7b
ad62c1ac34b5c90b87c69d737e8104d15f1d7ad6948fa7d383911d2c28c3e872
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
af0924e9f6761658b0a119ba322879039de5a16e4b0889c1cdcc3b8098c4f46a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba1c9089ea6c61708dc40c9426a518035ebee919b3c3abd464131d21228974d2
babff6d451189c24c0f15bebc8aaef1a6bd01f838014effc00373aeb518fc264
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c507e329c1a3c77e2892da5432f4d2fc5284e6c7948d6e71eda3afa78a4f2bdf
c52ea00e19147adbf8bd9c76c48937acd5cb4b5f2a4b08aeac636f2788074863
c6d1bb9543463c8a417bfc85d37a6a8b421c1e76d7a62363046aba0ffdbe0abd
ca78f1c91e22b58ed2f43fb14fb15af2591ebefc8cd752e9cba1aa9eec2cf1e8
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03b2a573e13c69a70a4efb22ca78f769ff96692861433bc7fd967e3907f4bca
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d44303c75879586a655d74d158e5a96eb8ec8dc58786734f9e7251367a519685
dc0425b4650f4ce61932be6ed485546da24b0d8a50c9008b9c5bfd894b3da443
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e14384011452fd2ee8070db065bf6cbffd266ab5305a6896b1c88b1a6209514a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d7998384b69a87ac34116892ff18aa10702bdb49ef0d6f84a67538a32b7a71
e6050bb75c68f005ae1009d42b4c52467039779e38d1cda1fa1bae408b5f7fa9
e7e8f4d24fbabd8bfb4b5eb616dc1a79068f6f438c1f0a11c0d99a479eb28185
ee9d6cb030a1d434132bbe97942d6a13e0c9d2496c0ed217032076bb0b3282a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ee283fe978f44746a1d4559f2d13470de9690469ad48fc997b65a139793803
f2fe04a83a9639baadd5f86834a4474465531f1d065756694f33377268f9d75b
f723a1d09f0d54efce1435098cf3b4de550d406677d712a997d503a841e3374e
fc78f989aea7e6e4f70e91ab388c78cf4abb231037accb2863fef96cd6a4e701
ff58390f9b912882769aca25881f2ad96f67a8435413cd41942731ee45df43bc

investtorg.ru Open in urlscan Pro 91.189.114.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

87 %HTTPS

25 %IPv6

42 Domains

49 Subdomains

45 IPs

10 Countries

994 kBTransfer

2992 kBSize

68 Cookies

6 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

investtorg.ru Open in urlscan Pro
91.189.114.18 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

87 %
HTTPS

25 %
IPv6

42
Domains

49
Subdomains

45
IPs

10
Countries

994 kB
Transfer

2992 kB
Size

68
Cookies

113 HTTP transactions
0 data transactions