urlscan.io logo urlscan.io
SecurityTrails logo

karelia.business Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://websterbank.ru/
Effective URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Submission: On November 08 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is karelia.business.
TLS certificate: Issued by WE1 on September 11th 2024. Valid for: 3 months.
This is the only time karelia.business was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 12 188.114.96.3 13335 (CLOUDFLAR...)
1 104.16.79.73 13335 (CLOUDFLAR...)
2 142.250.185.194 15169 (GOOGLE)
4 172.217.18.14 15169 (GOOGLE)
1 142.250.186.42 15169 (GOOGLE)
1 216.58.206.35 15169 (GOOGLE)
21 7
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
websterbank.ru
12    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
karelia.business
1    104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
4    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 karelia.business
karelia.business
30 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
126 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
197 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
6 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 websterbank.ru
websterbank.ru
781 B
21 7
Domain Requested by
12 karelia.business 1 redirects karelia.business
static.cloudflareinsights.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 pagead2.googlesyndication.com karelia.business
pagead2.googlesyndication.com
1 fonts.gstatic.com karelia.business
1 fonts.googleapis.com
1 static.cloudflareinsights.com karelia.business
1 websterbank.ru 1 redirects
21 7

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
support.cloudflare.com
Subject Issuer Validity Valid
karelia.business
WE1		 2024-09-11 -
2024-12-10		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 2 frames:

Frame: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Frame ID: 75076E01290E509C50E3936A6A3CE8B5
Requests: 19 HTTP requests in this frame

Frame: https://karelia.business/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 78B03F0742CC364FAF95EAD9C31086C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

karelia.business | 526: Invalid SSL certificate

Page URL History Show full URLs

  1. https://websterbank.ru/ HTTP 301
    https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

412 kB
Transfer

1406 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://websterbank.ru/ HTTP 301
    https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://karelia.business/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://karelia.business/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 19
  • https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank HTTP 302
  • https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
karelia.business/
Redirect Chain
  • https://websterbank.ru/
  • https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb23ab8cda087c2dc614ec42e63c841f21682a851d0e041e56f6d46d8567fdb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8df7b006dcf2d9d2-FRA
content-type
text/html; charset=UTF-8
date
Fri, 08 Nov 2024 18:39:45 GMT
expect-ct
max-age=86400, enforce
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IFpQtOOOWBv3gUAahJHVzM2cz1VbveW5Hnhpz4wTcAEt4QCGGKQ8oNxUezfz39NX5RtArV7GTJpSIAY9QK2HcleMTv5eKOJCO2KCIAhXIAKAd5qk9CjVnUpJbw41A3DfYakb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=18434&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4236&recv_bytes=4520&delivery_rate=628&cwnd=12000&unsent_bytes=0&cid=104a1f8e22568477&ts=95&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8df7b005ea6b01bd-CDG
content-length
167
content-type
text/html
date
Fri, 08 Nov 2024 18:39:45 GMT
expect-ct
max-age=86400, enforce
expires
Fri, 08 Nov 2024 19:39:45 GMT
location
https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTQnlCyxYqlr%2FR1NKjHs%2B66oP1zY2nSOYmj9nn6uGef5al%2B1xJrgFNWKMa%2FuoZzurhuna3c1GWDzRxud80yTR%2BEn4LGjggRBxCANgvQmY7Tn67unq7imM9bikSp0N6ZTfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=25166&sent=14&recv=7&lost=0&retrans=1&sent_bytes=5424&recv_bytes=4348&delivery_rate=23534&cwnd=12000&unsent_bytes=0&cid=6ec1cc798dc6e575&ts=247&x=1" cfHdrFlush;dur=0
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main.css
karelia.business/cdn-cgi/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/styles/main.css
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"672b8dd6-1f4d"
x-content-type-options
nosniff
cf-ray
8df7b007ef9ad9d2-FRA
expires
Fri, 08 Nov 2024 20:39:45 GMT
date
Fri, 08 Nov 2024 18:39:45 GMT
content-type
text/css
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://karelia.business
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8df7b00b9bd06add-FRA
access-control-allow-origin
*
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
cf-icon-browser.png
karelia.business/cdn-cgi/images/ 		484 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/cdn-cgi/images/cf-icon-browser.png
Requested by
Host: karelia.business
URL: https://karelia.business/cdn-cgi/styles/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://karelia.business/cdn-cgi/styles/main.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672b8dd6-1e4"
x-content-type-options
nosniff
cf-ray
8df7b00899a3d9d2-FRA
expires
Fri, 08 Nov 2024 20:39:46 GMT
accept-ranges
bytes
content-length
484
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
cf-icon-ok.png
karelia.business/cdn-cgi/images/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/cdn-cgi/images/cf-icon-ok.png
Requested by
Host: karelia.business
URL: https://karelia.business/cdn-cgi/styles/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://karelia.business/cdn-cgi/styles/main.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672b8dd6-3b2"
x-content-type-options
nosniff
cf-ray
8df7b00899a6d9d2-FRA
expires
Fri, 08 Nov 2024 20:39:46 GMT
accept-ranges
bytes
content-length
946
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
cf-icon-cloud.png
karelia.business/cdn-cgi/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/cdn-cgi/images/cf-icon-cloud.png
Requested by
Host: karelia.business
URL: https://karelia.business/cdn-cgi/styles/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://karelia.business/cdn-cgi/styles/main.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672b8dd6-5cc"
x-content-type-options
nosniff
cf-ray
8df7b00899a8d9d2-FRA
expires
Fri, 08 Nov 2024 20:39:46 GMT
accept-ranges
bytes
content-length
1484
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
cf-icon-server.png
karelia.business/cdn-cgi/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/cdn-cgi/images/cf-icon-server.png
Requested by
Host: karelia.business
URL: https://karelia.business/cdn-cgi/styles/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://karelia.business/cdn-cgi/styles/main.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672b8dd6-568"
x-content-type-options
nosniff
cf-ray
8df7b00899aad9d2-FRA
expires
Fri, 08 Nov 2024 20:39:46 GMT
accept-ranges
bytes
content-length
1384
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
cf-icon-error.png
karelia.business/cdn-cgi/images/ 		854 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/cdn-cgi/images/cf-icon-error.png
Requested by
Host: karelia.business
URL: https://karelia.business/cdn-cgi/styles/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://karelia.business/cdn-cgi/styles/main.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672b8dd6-356"
x-content-type-options
nosniff
cf-ray
8df7b008ea91d9d2-FRA
expires
Fri, 08 Nov 2024 20:39:46 GMT
accept-ranges
bytes
content-length
854
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
main.js
karelia.business/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 78B0
Redirect Chain
  • https://karelia.business/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://karelia.business/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa44310b15d5f9f46cc1f34c89619443dccbbfa07ce40565455df790b910001
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0cIDtqjZidJ1Iu9ZNFlPtuuez0wc5Ll%2BE8NKRub2fNqfo74g95npmgGMz7IeO3A9pjcrPSWRASByVrz28xv9trcHiwboXtPTvr4n%2FQnVb3WjKkRCl%2FZVmj3LC%2BkvVma7cVq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19970&sent=42&recv=25&lost=0&retrans=1&sent_bytes=26424&recv_bytes=8602&delivery_rate=30989&cwnd=12000&unsent_bytes=0&cid=104a1f8e22568477&ts=881&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8df7b00c2bfad9d2-FRA
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46yNRjuxZizUPvFD4WzJHiGBQ2oL7BRkglnTeXQLtgS2ypDBjhUu0ZvdJBwR9hbW%2FoIhkRINZVIdfr7Bl3ybHXYLlyx63Yau34giGmPNUtxiMNfbR4jjnoCA8NH%2B3SslChTx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19376&sent=39&recv=23&lost=0&retrans=1&sent_bytes=25585&recv_bytes=7511&delivery_rate=94467&cwnd=12000&unsent_bytes=0&cid=104a1f8e22568477&ts=854&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 08 Nov 2024 18:39:46 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8df7b00bfb72d9d2-FRA
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
s.js
karelia.business/cdn-cgi/zaraz/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIya2FyZWxpYS5idXNpbmVzcyUyMCU3QyUyMDUyNiUzQSUyMEludmFsaWQlMjBTU0wlMjBjZXJ0aWZpY2F0ZSUyMiUyQyUyMnglMjIlM0EwLjA1NzQ4MTgxNDI2ODIwOTY0JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZrYXJlbGlhLmJ1c2luZXNzJTJGJTNGbXRtX2NhbXBhaWduJTNEZG9tYWluJTI2bXRtX2t3ZCUzRHdlYnN0ZXJiYW5rJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtNjAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c702f2ac79a87488b14bc67b59638af804cf70a95ef9477f1426c1cdfd17d2d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://karelia.business/

Response headers

x-robots-tag
none
access-control-max-age
600
content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WdcLoBzBq7ZicxsNdXeISadPaSuQ5S9ZIAxXXDdG3fxZ05a0Tw7iz3M%2By%2F%2BA15AarZiTe%2BcJU6IMwIwi7zRHJAUYtSQoyxRw8qL6WL7t%2FSzVPdeqL9gPFGLx6fKXMVJlFvCq"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD, POST, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19970&sent=46&recv=25&lost=0&retrans=1&sent_bytes=31113&recv_bytes=8602&delivery_rate=30989&cwnd=12000&unsent_bytes=0&cid=104a1f8e22568477&ts=885&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8df7b00c0bafd9d2-FRA
access-control-allow-origin
https://karelia.business
x-xss-protection
1; mode=block
server
cloudflare
8df7b006dcf2d9d2
karelia.business/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 78B0 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/challenge-platform/h/b/jsd/r/8df7b006dcf2d9d2
Requested by
Host: karelia.business
URL: https://karelia.business/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Mo%2FeB6dY5dZdhaMlx6mbXjfnw6Vw0peBnDPvDtlXeyVC0RPbCEHIzwyqfcVe1RKY90C2entBHEAdKjvmvQ%2F8l%2B34GDl9Ut6ZpC5JWZkFsZJV9F2IpB7xUWiINtQSL9UkPJZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26241&sent=61&recv=44&lost=0&retrans=2&sent_bytes=36099&recv_bytes=25974&delivery_rate=25169&cwnd=12000&unsent_bytes=0&cid=104a1f8e22568477&ts=1276&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
text/plain; charset=UTF-8
priority
u=1,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8df7b00d7fdcd9d2-FRA
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5554609003873316
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1adeb7f159fef802d91f9f7bf5d4f9bd5dd789941f337499b37985891a883190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://karelia.business
Referer

Response headers

content-encoding
br
etag
1202825508663591191
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 18:39:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53862
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/ 		435 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business&bust=31088654
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5554609003873316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a1ba7325ddbbdeba732ba67f3950cb9ed283822e128e7bdac8223cf413aaa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
5639063814602829254
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 18:39:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 08 Nov 2024 18:39:46 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147900
x-xss-protection
0
server
cafe
ca-pub-5554609003873316
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5554609003873316?href=https%3A%2F%2Fkarelia.business&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business&bust=31088654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
ESF /
Resource Hash
63719c4ccf632d9b3ed36367ae910af113e62f6316c203fd2e3ee7716322d001
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-drAhQq9zBb1NH-T2278_1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:39:47 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Pm_duZNN4MXUxjYmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQwNzPQPj-AIDAIqLP_4"
content-security-policy
script-src 'report-sample' 'nonce-drAhQq9zBb1NH-T2278_1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxW8h3uOC63Snid-v36CXeRrr3xTTVlmUcM-rGHv04D4PZ2CXrRA_UdAPAmtqXOcyDYNghafktJm4yoJDcxWeJmWe8vMCy8k9ydEjMSJ1EQRu9VSiWk2AUwN7u3WL6N2RUw4F6biuw==
fundingchoicesmessages.google.com/f/ 		401 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW8h3uOC63Snid-v36CXeRrr3xTTVlmUcM-rGHv04D4PZ2CXrRA_UdAPAmtqXOcyDYNghafktJm4yoJDcxWeJmWe8vMCy8k9ydEjMSJ1EQRu9VSiWk2AUwN7u3WL6N2RUw4F6biuw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMDkxMTg3LDY1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9rYXJlbGlhLmJ1c2luZXNzLyIsbnVsbCxbWzgsIkZLalB5ZUd5QkpvIl0sWzksIm5sIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.FKjPyeGyBJo.es5.O/am=GAw/d=1/rs=AJlcJMzHYIe5wB9Te4OMffWaCMhz-GydWg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
ESF /
Resource Hash
74a180200d558f320f3a5377292909ecd133712bcd0e3dc538e82bd4b3981960
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-B6jJG-2O85f-NhyZ_rX2QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:39:47 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Pm_duZNN4MCjQ3eZlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ3M9QyM4wsMAKheQLY"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-B6jJG-2O85f-NhyZ_rX2QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.FKjPyeGyBJo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxQgPTDDgdPRfZ9ctrFhRO--krx1Q/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
40c08123963fafb7ea2a2f6f3bd85a4b8b2bbbecd85c12da94ef0be3beb787d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 18:39:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:39:48 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 08 Nov 2024 18:39:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://karelia.business
Referer
https://karelia.business/

Response headers

age
333624
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxVmvRA43x3l4R8AlOwZECwj4Haq6l8ofKCxeLO7q34sglPqOLFHScFRDJb950F00QZr9q6F2PORiuoFkxrG4uHUEZZNEvx7H0cllTxt1PC_tNugbQpi7lWek7VUdiLuW0umUyBNmA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVmvRA43x3l4R8AlOwZECwj4Haq6l8ofKCxeLO7q34sglPqOLFHScFRDJb950F00QZr9q6F2PORiuoFkxrG4uHUEZZNEvx7H0cllTxt1PC_tNugbQpi7lWek7VUdiLuW0umUyBNmA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.FKjPyeGyBJo.es5.O/am=GAw/d=1/rs=AJlcJMzHYIe5wB9Te4OMffWaCMhz-GydWg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a9NaTluHnysk0WvHc85h9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:39:47 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uH4vHXnTjaBFSe-bmRWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhgbmegbm8QUGAF17KWM"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a9NaTluHnysk0WvHc85h9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://karelia.business
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVmvRA43x3l4R8AlOwZECwj4Haq6l8ofKCxeLO7q34sglPqOLFHScFRDJb950F00QZr9q6F2PORiuoFkxrG4uHUEZZNEvx7H0cllTxt1PC_tNugbQpi7lWek7VUdiLuW0umUyBNmA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVmvRA43x3l4R8AlOwZECwj4Haq6l8ofKCxeLO7q34sglPqOLFHScFRDJb950F00QZr9q6F2PORiuoFkxrG4uHUEZZNEvx7H0cllTxt1PC_tNugbQpi7lWek7VUdiLuW0umUyBNmA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.FKjPyeGyBJo.es5.O/am=GAw/d=1/rs=AJlcJMzHYIe5wB9Te4OMffWaCMhz-GydWg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lHmLEhbVrIRJBCDTq0g4vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:39:47 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uH4vHXnTjaBFfN-bWFWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhgbmegbm8QUGAFf8KUs"
content-security-policy
script-src 'report-sample' 'nonce-lHmLEhbVrIRJBCDTq0g4vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://karelia.business
content-length
0
x-xss-protection
0
server
ESF
rum
karelia.business/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8df7b016e9c4d9d2-FRA
access-control-allow-origin
https://karelia.business
date
Fri, 08 Nov 2024 18:39:48 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
/
karelia.business/
Redirect Chain
  • https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
  • https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
karelia.business
URL
https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| zarazData object| zaraz object| __cfBeacon object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NGVkYWU3OWUzMjFjODA0OGxvYWRlcl9qcw== string| NGVkYWU3OWUzMjFjODA0OGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

3 Cookies

Domain/Path Name / Value
karelia.business/ Name: cf_ob_info
Value: 526:8df7b0071586d9d2:FRA
karelia.business/ Name: cf_use_ob
Value: 443
.karelia.business/ Name: cf_clearance
Value: JEnaMBT3EpnwpxKOqd1PwHlY0DazWiGps5SxG0wFfnc-1731091186-1.2.1.1-H27ihpG0eTL09AmLU33xGB8n8ErD.wHTborjZb4..67f7eJB2mWtVMyvzsVIvt_5YVyeKhZ.2CiAhj5ESRS4MQ0N5cej0GpEVoI4LAOtFcNJf1d38TNHkAv0YDwB1Sb2bqKeK63FSSIj2DjWcbGoQK6xo2du76CR7LZQ7LFGNQHFALdPYLsb8biQfDZFq6KdwKSEWnzGaSpRflqJw75cxOq5oxqHlg5pVMPWppl9ljeBS9zmIRCLVw0pRmzKoZDjmev2DUqyJmwJAPGTkJ1Xroa4ddzSxUOrtDONBy5Lx7d6.3nT2fQpfOQ0NwAX3vkgppAYfFAEiqYW.PEzqmHHyv8jIktE2aBx03ZBuqlOq3MUkwD0GK1yYEKUuSc_8zD_

1 Console Messages

Source Level URL
Text
network error URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=websterbank
Message:
Failed to load resource: the server responded with a status of 526 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
karelia.business
pagead2.googlesyndication.com
static.cloudflareinsights.com
websterbank.ru
karelia.business
104.16.79.73
142.250.185.194
142.250.186.42
172.217.18.14
188.114.96.3
188.114.97.3
216.58.206.35
1adeb7f159fef802d91f9f7bf5d4f9bd5dd789941f337499b37985891a883190
2c702f2ac79a87488b14bc67b59638af804cf70a95ef9477f1426c1cdfd17d2d
3a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40c08123963fafb7ea2a2f6f3bd85a4b8b2bbbecd85c12da94ef0be3beb787d6
41553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b
4aa44310b15d5f9f46cc1f34c89619443dccbbfa07ce40565455df790b910001
4bb23ab8cda087c2dc614ec42e63c841f21682a851d0e041e56f6d46d8567fdb
63719c4ccf632d9b3ed36367ae910af113e62f6316c203fd2e3ee7716322d001
67f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f
74a180200d558f320f3a5377292909ecd133712bcd0e3dc538e82bd4b3981960
78a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
a1ba7325ddbbdeba732ba67f3950cb9ed283822e128e7bdac8223cf413aaa21a
d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b