fxmoneylab.ru Open in urlscan Pro
91.236.136.45 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fxmoneylab.ru/sovetniki-forex/
Submission: On August 29 via manual (August 29th 2021, 8:32:06 pm UTC) from CH

Summary HTTP 129 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 17 domains to perform 129 HTTP transactions. The main IP is 91.236.136.45, located in Moscow, Russian Federation and belongs to WEBHOST1-AS, RU. The main domain is fxmoneylab.ru.
TLS certificate: Issued by R3 on August 11th 2021. Valid for: 3 months.

This is the only time fxmoneylab.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	91.236.136.45 91.236.136.45	44094 (WEBHOST1-AS) (WEBHOST1-AS)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	91.218.228.159 91.218.228.159	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
3 10	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
129	28

38 91.236.136.45 (Moscow, Russian Federation)

ASN44094 (WEBHOST1-AS, RU)
PTR: s115.webhost1.ru

fxmoneylab.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.218.228.159 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU)
PTR: hosted-by.ihc.ru

www.fxmag.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

fxmoneylabru.push.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	fxmoneylab.ru fxmoneylab.ru	1 MB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	401 KB
15	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	117 KB
15	google.com 3 redirects cse.google.com www.google.com adservice.google.com clients1.google.com	168 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	103 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	googleapis.com fonts.googleapis.com www.googleapis.com ajax.googleapis.com	31 KB
4	googletagservices.com www.googletagservices.com	138 KB
2	2mdn.net s0.2mdn.net	111 KB
2	google.de adservice.google.de	722 B
2	yandex.ru 1 redirects mc.yandex.ru	47 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
2	fxmag.ru www.fxmag.ru	5 KB
1	push.world fxmoneylabru.push.world	63 KB
1	googleadservices.com partner.googleadservices.com	660 B
1	googletagmanager.com www.googletagmanager.com	34 KB
129	17

	Domain	Requested by
38	fxmoneylab.ru	fxmoneylab.ru
21	tpc.googlesyndication.com	fxmoneylab.ru googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com fxmoneylab.ru googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	fxmoneylab.ru pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	www.google.com	3 redirects cse.google.com www.google.com fxmoneylab.ru googleads.g.doubleclick.net tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	2 redirects fxmoneylab.ru
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	fxmoneylab.ru googleads.g.doubleclick.net tpc.googlesyndication.com
2	s0.2mdn.net	tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects fxmoneylab.ru
2	counter.yadro.ru	1 redirects fxmoneylab.ru
2	ssl.google-analytics.com	1 redirects fxmoneylab.ru
2	cse.google.com	fxmoneylab.ru www.google.com
2	www.fxmag.ru	fxmoneylab.ru
1	ajax.googleapis.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	clients1.google.com	fxmoneylab.ru
1	www.googleapis.com	fxmoneylab.ru
1	fxmoneylabru.push.world	fxmoneylab.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	fxmoneylab.ru
1	www.googletagmanager.com	fxmoneylab.ru
129	25

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
www.fxmag.ru
go.microsoft.com
www.bing.com

Subject Issuer	Validity	Valid
fxmoneylab.ru R3	`2021-08-11` - `2021-11-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.fxmag.ru GoGetSSL RSA DV CA	`2021-04-06` - `2022-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.push.world ZeroSSL RSA Domain Secure Site CA	`2021-07-09` - `2021-10-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://fxmoneylab.ru/sovetniki-forex/
Frame ID: 8720D5AB82C01231291E22A7C064929D
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html
Frame ID: E93410A7E55F656EB1FAE422EB9840BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=600&slotname=1837476453&adk=778346635&adf=1511272658&pi=t.ma~as.1837476453&w=257&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&psa=0&format=257x600&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105097&bpp=9&bdt=839&idt=166&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5073545044616&frm=20&pv=2&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=231&ady=1214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&alvm=r20210824&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ibCEcF2Tq&p=https%3A//fxmoneylab.ru&dtd=185
Frame ID: A0AE8C88D9F325EF45E621447ABFED20
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&adk=84980950&adf=198458457&lmt=1630269105&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105210&bpp=1&bdt=952&idt=86&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=257x600&nras=1&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=90
Frame ID: 5F2DB74CA353554C9AB6B690BA29624E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14
Frame ID: 7DDED02966C5B4761B402464616FF23E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 50691913EDFB14F65A4A29EEBF10D03F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/index.html
Frame ID: 31D73F043A2E134C571AFC8677E92A5B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0B4A27A7990C534CF32139BFE5887901
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 99977C87ED8E0469C8922EA4C0E9B26A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js
Frame ID: 8C2A3CA51B98D6DFD94C79DAB25F9D47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html
Frame ID: DCC665D7D49A9FE3AE2BA138E9C3BB70
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cyg0mse4rYYbzJqaniQbu_anYAfzTisJjvs6Vy80Nzr74lnEQASCyt41QYJUCoAH_hK3tA8gBCagDAcgDSKoExQFP0EqhU5SCQMR7aNYLQ6hbdIzeUfFPusJrc_HwTXZc_SjLxvnO1n3lh4LmMv3DwIF81mt3qJMUEMSCWwA82xNiRDgTCbpNg890jlnPSOtNpZ8l8oc03HqKkq_Y2wZGc34-qmcI8q9ZBry47FAUDjRernd0Ngxrbh12txSneNMzCuWONYh5opPkFXmF6rmF3jvDX1sH2i3ZLtPU0B-Ayh9hAe1ooTqWjHO3dA5qdw1Alg4cShsC1VXjKkAsVO7t7euJMHI3hMAE3P_GwvgCkgUECAQYAZIFBAgFGASgBi6AB5L7mh2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEKPIE9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi00NjIwNzM4Nzc2MjY4MTQ0GAA&sigh=GchRDZ8dh-w&template_id=419
Frame ID: 6F011C89AB0555080C97BB1631B22BF8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A1A022688994E4D20ED3B202142CAA5C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2326956F2FFA65080DC12805CA485529
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 382879069FACB1E55BFED0D4DFFFEA18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Советники (торговые роботы) Форекс для МТ4поиск

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

129
Requests

100 %
HTTPS

79 %
IPv6

17
Domains

25
Subdomains

28
IPs

4
Countries

2477 kB
Transfer

5661 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://www.fxmag.ru/

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/?linkid=9722454
Title:

Search URL Search Domain Scan URL

URL: http://www.bing.com/widget/translator
Title: Bing Webmaster Portal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://counter.yadro.ru/hit?t14.16;r;s1600*1200*24;uhttps%3A//fxmoneylab.ru/sovetniki-forex/;0.6884304949425852 HTTP 302
https://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttps%3A//fxmoneylab.ru/sovetniki-forex/;0.6884304949425852

Request Chain 53

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2110834376&utmhn=fxmoneylab.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D0%BE%D0%B2%D0%B5%D1%82%D0%BD%D0%B8%D0%BA%D0%B8%20(%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%80%D0%BE%D0%B1%D0%BE%D1%82%D1%8B)%20%D0%A4%D0%BE%D1%80%D0%B5%D0%BA%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%A24&utmhid=1744537861&utmr=-&utmp=%2Fsovetniki-forex%2F&utmht=1630269105234&utmac=UA-66383865-1&utmcc=__utma%3D88729804.1655185415.1630269105.1630269105.1630269105.1%3B%2B__utmz%3D88729804.1630269105.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2125178861&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-66383865-1&cid=1655185415.1630269105&jid=2125178861&_v=5.7.2&z=2110834376

Request Chain 66

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9380.TIJJi4_Su3TMa28Ra7Ijz0ToOiwnLPWuHfI0A8xCZcYma-lUSN6BR8BQeP9NOPnn.sCSyp5Uqkxn6wzJf4Z-mtt61KGM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9380.9BRqY7BGsRvwJezuYOQw4bx4TtZd4hY3rTizzj8pjv8xLAwWKH2k1pOXSAf1Dg4M8OhV4fQxKEfAi9m-T9VkwQ%2C%2C.i7pPH5lN4O2_arYO3LnkkqyuguY%2C

Request Chain 68

https://mc.yandex.com/watch/25172384?wmode=7&page-url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A1421%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A605827720114%3Ahid%3A461951245%3Az%3A120%3Ai%3A20210829223145%3Aet%3A1630269105%3Ac%3A1%3Arn%3A680010825%3Au%3A16302691051029152540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630269103631%3Ads%3A201%2C89%2C332%2C2%2C0%2C0%2C%2C952%2C14%2C%2C%2C%2C1579%3Adsn%3A201%2C89%2C334%2C1%2C0%2C0%2C%2C953%2C14%2C%2C%2C%2C1579%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630269106%3At%3A%D0%A1%D0%BE%D0%B2%D0%B5%D1%82%D0%BD%D0%B8%D0%BA%D0%B8%20(%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%80%D0%BE%D0%B1%D0%BE%D1%82%D1%8B)%20%D0%A4%D0%BE%D1%80%D0%B5%D0%BA%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%A24 HTTP 302
https://mc.yandex.com/watch/25172384/1?wmode=7&page-url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A1421%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A605827720114%3Ahid%3A461951245%3Az%3A120%3Ai%3A20210829223145%3Aet%3A1630269105%3Ac%3A1%3Arn%3A680010825%3Au%3A16302691051029152540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630269103631%3Ads%3A201%2C89%2C332%2C2%2C0%2C0%2C%2C952%2C14%2C%2C%2C%2C1579%3Adsn%3A201%2C89%2C334%2C1%2C0%2C0%2C%2C953%2C14%2C%2C%2C%2C1579%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630269106%3At%3A%D0%A1%D0%BE%D0%B2%D0%B5%D1%82%D0%BD%D0%B8%D0%BA%D0%B8%20%28%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%80%D0%BE%D0%B1%D0%BE%D1%82%D1%8B%29%20%D0%A4%D0%BE%D1%80%D0%B5%D0%BA%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%A24

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

129 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fxmoneylab.ru/sovetniki-forex/ 78 KB
22 KB 624ms
333ms Document
text/html 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: cde7682f94589a89bdd407647f35effdda0dd561d4e53584c95dd96a77bff776

Request headers

:method: GET
:authority: fxmoneylab.ru
:scheme: https
:path: /sovetniki-forex/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Sun, 29 Aug 2021 20:31:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; path=/; secure bt_arise_tpl=bt_arise; expires=Fri, 19-Aug-2022 20:31:44 GMT; Max-Age=30672000; path=/
x-logged-in: False
content-encoding: gzip

GET
H2 200 index.php
fxmoneylab.ru/ 91 KB
17 KB 237ms
236ms Stylesheet
text/css 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_010a3.css
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 5b6bb6f73345b0a05151a56d1a0537d2316b9d142c612dcfb68e254e6cedca6d

Request headers

:path: /index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_010a3.css
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
server: nginx
content-type: text/css;;charset=UTF-8
cache-control: private
x-logged-in: False
x-content-encoded-by: Joomla! 2.5
expires: Mon, 29 Aug 2022 20:31:44 GMT

GET
H2 200 index.php
fxmoneylab.ru/ 107 KB
22 KB 734ms
733ms Stylesheet
text/css 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: a7ca73b51bd1ab8dfa4aa42da5dd5a7348dd7a72681e1b68a5f8575366d53980

Request headers

:path: /index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
server: nginx
content-type: text/css;;charset=UTF-8
cache-control: private
x-logged-in: False
x-content-encoded-by: Joomla! 2.5
expires: Mon, 29 Aug 2022 20:31:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
652 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cuprum:regular|Frijole:regular&subset=cyrillic,latin

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee3a34091436c23d8837d0a5b12606f303b7cfb11cf4377ccfb432b7fc2c8146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 20:31:44 GMT
server: ESF
date: Sun, 29 Aug 2021 20:31:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Aug 2021 20:31:44 GMT

GET
H2 200 thumb_multi-currency-brain-box.png
fxmoneylab.ru/components/com_jshopping/files/img_products/ 70 KB
70 KB 52ms
48ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/components/com_jshopping/files/img_products/thumb_multi-currency-brain-box.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 7e228f1cd7df8b4410ce21583e5a6b699132f9c9945f26d8ded118cb837dd0f7

Request headers

:path: /components/com_jshopping/files/img_products/thumb_multi-currency-brain-box.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
last-modified: Sat, 28 Aug 2021 19:57:59 GMT
server: nginx
etag: "612a9547-118a1"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 71841
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_vision-scalper-ea-box.png
fxmoneylab.ru/components/com_jshopping/files/img_products/ 44 KB
44 KB 92ms
88ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/components/com_jshopping/files/img_products/thumb_vision-scalper-ea-box.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 7087d847e00b8f8d3951337d810910e8f8bd0d649ae8d84b1216aa16cc25ec42

Request headers

:path: /components/com_jshopping/files/img_products/thumb_vision-scalper-ea-box.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
last-modified: Wed, 25 Aug 2021 17:53:52 GMT
server: nginx
etag: "612683b0-af07"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44807
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_prop-firm-ea-box.png
fxmoneylab.ru/components/com_jshopping/files/img_products/ 59 KB
60 KB 126ms
122ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/components/com_jshopping/files/img_products/thumb_prop-firm-ea-box.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: a04500cd33d6da71ede73c656881116d0e235e6c484a48c47f387438ad3e2a1d

Request headers

:path: /components/com_jshopping/files/img_products/thumb_prop-firm-ea-box.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
last-modified: Mon, 23 Aug 2021 17:52:50 GMT
server: nginx
etag: "6123e072-edf5"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 60917
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_reaper-ea-box.png
fxmoneylab.ru/components/com_jshopping/files/img_products/ 42 KB
42 KB 126ms
122ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/components/com_jshopping/files/img_products/thumb_reaper-ea-box.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 76105ad240f804a7ecd6470e690b512f20197b334789a1a839641892af5f08ce

Request headers

:path: /components/com_jshopping/files/img_products/thumb_reaper-ea-box.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
last-modified: Sun, 22 Aug 2021 15:40:57 GMT
server: nginx
etag: "61227009-a7e0"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42976
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_golden-aura-ea-box.png
fxmoneylab.ru/components/com_jshopping/files/img_products/ 68 KB
68 KB 225ms
64ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/components/com_jshopping/files/img_products/thumb_golden-aura-ea-box.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 18e4b85bce30dc125a38c9397166749b5105215faa76e23769d4b8717f584f09

Request headers

:path: /components/com_jshopping/files/img_products/thumb_golden-aura-ea-box.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
last-modified: Sat, 07 Aug 2021 12:01:56 GMT
server: nginx
etag: "610e7634-10fa4"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 69540
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 38_ru_rbfx_250x250.jpg
fxmoneylab.ru/images/banners/ 21 KB
21 KB 180ms
44ms Image
image/jpeg 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/images/banners/38_ru_rbfx_250x250.jpg
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 73fff8a5ee778e127421beff42d117bd3c3e61a20abb5b054afd5f5a52616fce

Request headers

:path: /images/banners/38_ru_rbfx_250x250.jpg
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
last-modified: Sun, 17 Jan 2021 19:11:13 GMT
server: nginx
etag: "60048bd1-5394"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21396
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 club_bonus_200x200_ru.gif
fxmoneylab.ru/images/banners/ 444 KB
445 KB 186ms
50ms Image
image/gif 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/images/banners/club_bonus_200x200_ru.gif
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: be1ab67ce9ca47c14b5c43e9d01d506eb3ed5f3a8738130b8e3299ff1c0eeb81

Request headers

:path: /images/banners/club_bonus_200x200_ru.gif
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
last-modified: Sat, 18 May 2019 11:08:22 GMT
server: nginx
etag: "5cdfe7a6-6ef76"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 454518
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 33ms
30ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

00837d80c7ba353f5145da5fdba2becb5b721a018e0abc9a425c514aca1671ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50015
x-xss-protection: 0
server: cafe
etag: 10968228205867814982
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:31:44 GMT

GET
H/1.1 200
OK counter.php
www.fxmag.ru/ 2 KB
3 KB 294ms
45ms Image
text/html 91.218.228.159
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxmag.ru/counter.php?id=3Jb7X293408lO8A&t=1
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.228.159 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx / PHP/5.3.27-1~dotdeb.0
Resource Hash: f1cdd385647928b88198739435fb7e17ad66a2f08d2e95f83da040a7a84afac6

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 20:31:44 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.3.27-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=WINDOWS-1251
Cache-Control: max-age=86400
Connection: keep-alive
Keep-Alive: timeout=30
Content-Length: 2467
Expires: Mon, 30 Aug 2021 20:31:44 GMT

GET
H2 200 scriptloader.min.js Show response
fxmoneylab.ru/media/zen/js/tools/ 1 KB
899 B 48ms
45ms Script
application/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/media/zen/js/tools/scriptloader.min.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 9ca9b9e697a3a7f63aa39db45aaf2dc0279a5707e93a0c42d5b2e1be5ced6e16

Request headers

:path: /media/zen/js/tools/scriptloader.min.js
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 09:55:12 GMT
server: nginx
etag: W/"5fd09f00-57f"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-1.8.3.min.js Show response
fxmoneylab.ru/media/zen/js/jquery/ 91 KB
38 KB 124ms
122ms Script
application/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/media/zen/js/jquery/jquery-1.8.3.min.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 42dd197f5d15d2a06539ab87fb97e1d3e1c40583deee00b6899a68981f0e33fa

Request headers

:path: /media/zen/js/jquery/jquery-1.8.3.min.js
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
last-modified: Sun, 09 Feb 2020 20:32:32 GMT
server: nginx
etag: W/"5e406c60-16dc5"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-noconflict.js Show response
fxmoneylab.ru/media/zen/js/jquery/ 21 B
222 B 124ms
122ms Script
application/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/media/zen/js/jquery/jquery-noconflict.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

:path: /media/zen/js/jquery/jquery-noconflict.js
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
last-modified: Sun, 14 Apr 2013 01:08:16 GMT
server: nginx
etag: W/"516a0180-15"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-1.7.1.min.js Show response
fxmoneylab.ru/templates/bt_arise/js/ 92 KB
38 KB 124ms
122ms Script
application/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/templates/bt_arise/js/jquery-1.7.1.min.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 2af8cbd0e0b43d42ae79127341b350e582401e0327a073d43ccca0abff93c426

Request headers

:path: /templates/bt_arise/js/jquery-1.7.1.min.js
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
last-modified: Mon, 15 Jul 2019 20:23:32 GMT
server: nginx
etag: W/"5d2ce0c4-16fee"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.php Show response
fxmoneylab.ru/ 193 KB
67 KB 387ms
339ms Script
text/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_bbbe8.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: bb0c0286e2639c17ec76dc16ce4493d1ea8c4ffdde127b4b5535ef140803e49a

Request headers

:path: /index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_bbbe8.js
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;;charset=UTF-8
cache-control: private
x-logged-in: False
x-content-encoded-by: Joomla! 2.5
expires: Mon, 29 Aug 2022 20:31:44 GMT

GET
H2 200 k2.js Show response
fxmoneylab.ru/components/com_k2/js/ 8 KB
3 KB 165ms
77ms Script
application/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/components/com_k2/js/k2.js?v2.6.9&sitepath=/
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: cf1e8a9d880f4ee12c94164ac5be366f4d23e0d199c19f6526aa8cf1e8dad499

Request headers

:path: /components/com_k2/js/k2.js?v2.6.9&sitepath=/
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
last-modified: Sat, 27 Aug 2016 08:05:48 GMT
server: nginx
etag: W/"57c149dc-1f4b"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.php Show response
fxmoneylab.ru/ 565 KB
177 KB 562ms
427ms Script
text/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_b065e.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 1c025852aaba324a07ea0ef664b071b51fde945433b3feb48c4b396e37a70446

Request headers

:path: /index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_b065e.js
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;;charset=UTF-8
cache-control: private
x-logged-in: False
x-content-encoded-by: Joomla! 2.5
expires: Mon, 29 Aug 2022 20:31:44 GMT

GET
H/1.1 200
OK watch.js Show response
www.fxmag.ru/poster/ 2 KB
2 KB 290ms
43ms Script
application/javascript 91.218.228.159
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxmag.ru/poster/watch.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.228.159 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 56879fb4221c71397cda384fdec163f1f60ba96605a3db8661f4286bb0b71a3c

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 20:31:44 GMT
Last-Modified: Sun, 01 Nov 2015 05:55:57 GMT
Server: nginx
ETag: "5635a96d-83f"
Content-Type: application/javascript; charset=windows-1251
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 2111
Expires: Mon, 30 Aug 2021 20:31:44 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-4620738776268144:1638165903

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0051ffbe5c18a4e1240dd7795e6f6f1691ca4544b1766145c2045f1b66ff8738

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3482
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:44 GMT

GET
H2 200 jquery.lightbox-0.5.pack.js Show response
fxmoneylab.ru/components/com_jshopping/js/jquery/ 10 KB
3 KB 177ms
43ms Script
application/javascript 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/components/com_jshopping/js/jquery/jquery.lightbox-0.5.pack.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: abc0895d4edb171cbd692d03eaa37c86367018f6d230f3f45d713a43b0fc2309

Request headers

:path: /components/com_jshopping/js/jquery/jquery.lightbox-0.5.pack.js
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 16:57:00 GMT
server: nginx
etag: W/"5dc992dc-27bc"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 system.css
fxmoneylab.ru/media/system/css/ 1 KB
742 B 43ms
43ms Stylesheet
text/css 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/media/system/css/system.css
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 7998b1a3a745310a44df30b99b5becc3aa15eab739c3421096f7e7feacfe9d92

Request headers

:path: /media/system/css/system.css
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
last-modified: Wed, 10 Dec 2014 04:40:08 GMT
server: nginx
etag: W/"5487cea8-5a6"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6270
date: Sun, 29 Aug 2021 18:47:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 29 Aug 2021 20:47:15 GMT

GET
H2 200 bgd-wrapper.png
fxmoneylab.ru/templates/bt_arise/images/ 973 B
1 KB 43ms
42ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-wrapper.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: c08a99a8a0f96508b902611be96081b1b50d927fba892492fc830ba69ebf962e

Request headers

:path: /templates/bt_arise/images/bgd-wrapper.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-3cd"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 973
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-wrapper-inner.png
fxmoneylab.ru/templates/bt_arise/images/ 61 KB
61 KB 44ms
43ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-wrapper-inner.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: e766bef1ea21632d4f2f23786bbf4613983154c8ff2d590dabc6b53b86d62d1a

Request headers

:path: /templates/bt_arise/images/bgd-wrapper-inner.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Sun, 02 Feb 2020 18:24:05 GMT
server: nginx
etag: "5e3713c5-f301"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 62209
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cart.png
fxmoneylab.ru/modules/mod_ice_jshopping_cart/assets/images/ 2 KB
2 KB 43ms
42ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/modules/mod_ice_jshopping_cart/assets/images/cart.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 945664995c28647166b699f3cc09d19c141ba67953ca0c375a48bc9a2dde7fd9

Request headers

:path: /modules/mod_ice_jshopping_cart/assets/images/cart.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Thu, 14 Nov 2019 19:11:43 GMT
server: nginx
etag: "5dcda6ef-64e"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1614
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-nav-l0-over.png
fxmoneylab.ru/templates/bt_arise/images/ 1 KB
1 KB 44ms
43ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-nav-l0-over.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 11ffe566c3b88743a8a4f10e52cb00a50bf3c38d8ee2ae1b3092691e9dfed156

Request headers

:path: /templates/bt_arise/images/bgd-nav-l0-over.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-418"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1048
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
fxmoneylab.ru/templates/bt_arise/images/ 6 KB
6 KB 44ms
44ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/logo.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 4ca5ef22f8316519b406c1704ff603b42404ee4534a7726fe2fd0a6abf3caf8f

Request headers

:path: /templates/bt_arise/images/logo.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 31 Oct 2018 17:22:34 GMT
server: nginx
etag: "5bd9e4da-16b2"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5810
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-bottom-r.png
fxmoneylab.ru/templates/bt_arise/images/ 936 B
1 KB 45ms
44ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-bottom-r.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 35ab05671e7f5d5706980a0b35003f09ad11136d77b33bdf2de682fed990a8fd

Request headers

:path: /templates/bt_arise/images/bgd-bottom-r.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-3a8"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 936
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-bottom.png
fxmoneylab.ru/templates/bt_arise/images/ 801 B
976 B 45ms
44ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-bottom.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 19eee0276402eec83e76d61942d00357a87c926e05ad1fbde7fcaacc013a923b

Request headers

:path: /templates/bt_arise/images/bgd-bottom.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Sun, 02 Feb 2020 11:04:26 GMT
server: nginx
etag: "5e36acba-321"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 801
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 warning.png
fxmoneylab.ru/media/jbtype/images/coquette/ 2 KB
2 KB 51ms
51ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/media/jbtype/images/coquette/warning.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 2195a7ffae1e77d7602eee15f22f9a9993f08a7df213cdc6829ebdf0b7911796

Request headers

:path: /media/jbtype/images/coquette/warning.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/sovetniki-forex/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Fri, 12 Mar 2021 18:18:05 GMT
server: nginx
etag: "604bb05d-8ef"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2287
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stars.png
fxmoneylab.ru/plugins/content/vrvote/images/ 3 KB
4 KB 51ms
51ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/plugins/content/vrvote/images/stars.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_010a3.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: e94a34c0f4e7209832ea632eac9ecd29d1ded66a5895852359e403c35d75c1ed

Request headers

:path: /plugins/content/vrvote/images/stars.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_010a3.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_010a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Mon, 03 Jun 2019 12:15:20 GMT
server: nginx
etag: "5cf50f58-db3"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3507
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bullet.png
fxmoneylab.ru/templates/bt_arise/images/ 165 B
340 B 52ms
51ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bullet.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: e377a25c2cc2758ec362add7d2584d32340aef6d0f36c549d50515036a15c9b8

Request headers

:path: /templates/bt_arise/images/bullet.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-a5"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 165
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-module-h3.png
fxmoneylab.ru/templates/bt_arise/images/ 1 KB
1 KB 77ms
43ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-module-h3.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 46145270b8b2ee040a0d83a61fd9aa5634377009d7ee00fcb0e8e5c18d576b72

Request headers

:path: /templates/bt_arise/images/bgd-module-h3.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-463"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1123
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-left-module-h3.png
fxmoneylab.ru/templates/bt_arise/images/ 973 B
1 KB 78ms
42ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-left-module-h3.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: b04205d0dcc6b822b0fe63569a5c2d393b141b2a766864b473cb4976559ce607

Request headers

:path: /templates/bt_arise/images/bgd-left-module-h3.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-3cd"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 973
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd_left.jpg
fxmoneylab.ru/templates/bt_arise/images/ 532 B
709 B 81ms
42ms Image
image/jpeg 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd_left.jpg
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: f0e789a80a47b6b88abeba169fcc5bbbb1add89463f149f86baec14e9b3d70a2

Request headers

:path: /templates/bt_arise/images/bgd_left.jpg
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 31 Oct 2018 17:24:06 GMT
server: nginx
etag: "5bd9e536-214"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 532
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-module-spotline.png
fxmoneylab.ru/templates/bt_arise/images/ 14 KB
15 KB 81ms
43ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-module-spotline.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: a9f2f8453c2973ac77d96503fe242c51892e45794e02d4f8c4e70d204b1c9b26

Request headers

:path: /templates/bt_arise/images/bgd-module-spotline.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 31 Oct 2018 17:22:32 GMT
server: nginx
etag: "5bd9e4d8-3977"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 14711
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgd-module-spotline-h3.png
fxmoneylab.ru/templates/bt_arise/images/ 1 KB
1 KB 82ms
42ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bgd-module-spotline-h3.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 2151a22a96a15fc9fcea857cd861f8266804cf0374a6115e081469b7639d542a

Request headers

:path: /templates/bt_arise/images/bgd-module-spotline-h3.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-4fc"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1276
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bullet1.png
fxmoneylab.ru/templates/bt_arise/images/ 1 KB
1 KB 82ms
42ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bullet1.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 10ec57c522a3d6bf16e9d8f234147ba8457f191eb604c5d7b1150d7804e554bf

Request headers

:path: /templates/bt_arise/images/bullet1.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-440"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1088
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6Vj_YJwQj.woff2
fonts.gstatic.com/s/cuprum/v14/ 5 KB
5 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cuprum/v14/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6Vj_YJwQj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cuprum:regular|Frijole:regular&subset=cyrillic,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a13e60985d8400d8a8991ec211f285d13df9467a9fa36f299d9b64bbce25708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fxmoneylab.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 17:24:12 GMT
x-content-type-options: nosniff
age: 443253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5416
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:11:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 17:24:12 GMT

GET
H2 200 dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2
fonts.gstatic.com/s/cuprum/v14/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cuprum/v14/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cuprum:regular|Frijole:regular&subset=cyrillic,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc092b27d8f8b4f97574e13763a7dfe5bccc884cc9ef4c0848a0030cc12840b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fxmoneylab.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 12:40:22 GMT
x-content-type-options: nosniff
age: 114683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8072
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:14:41 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 12:40:22 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4620738776268144&plah=fxmoneylab.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95603
x-xss-protection: 0
server: cafe
etag: 14975429524352139583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H2 200 bullet_footer.png
fxmoneylab.ru/templates/bt_arise/images/ 196 B
371 B 43ms
42ms Image
image/png 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmoneylab.ru/templates/bt_arise/images/bullet_footer.png
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 107c2f0593ee6556a8d7dd111595ef5e35e8fb037d282c4a7e35afd2667476d0

Request headers

:path: /templates/bt_arise/images/bullet_footer.png
pragma: no-cache
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=css&jat3file=t3-assets%2Fcss_c4cc4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Wed, 20 Mar 2013 20:36:32 GMT
server: nginx
etag: "514a1dd0-c4"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 196
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/ Frame E934 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210824/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fxmoneylab.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://fxmoneylab.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 29 Aug 2021 16:22:09 GMT
expires: Sun, 12 Sep 2021 16:22:09 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 14976
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t14.16;r;s1600*1200*24;uhttps%3A//fxmoneylab.ru/sovetniki-forex/;0.6884304949425852
https://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttps%3A//fxmoneylab.ru/sovetniki-forex/;0.6884304949425852

233 B
719 B

54ms
53ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttps%3A//fxmoneylab.ru/sovetniki-forex/;0.6884304949425852

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

d1c4853efd42b67ea2692740a9a17563351104f5ea8e8e494d23245de1a8f5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Aug 2021 20:31:45 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 233
Expires: Fri, 28 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 Aug 2021 20:31:45 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttps%3A//fxmoneylab.ru/sovetniki-forex/;0.6884304949425852
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 28 Aug 2020 21:00:00 GMT

GET
H2 200 cse_element__ru.js Show response
www.google.com/cse/static/element/b54a745638da8bbb/ 283 KB
93 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-4620738776268144:1638165903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c93d2cccd89dedde4708d853325bf14b8a5a90e387d1dd80f2bd58ac1083b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94599
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:01:10 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/b54a745638da8bbb/ 41 KB
9 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-4620738776268144:1638165903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 12:34:57 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
5 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-4620738776268144:1638165903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:16:59 GMT
vary: Accept-Encoding
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
x-content-type-options: nosniff
age: 886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4495
x-xss-protection: 0
expires: Sun, 29 Aug 2021 21:06:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
34 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZPG2H

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf612748a64d68a14a27ddd132e31ec559ce73a79802782de372a79c65c92c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34686
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 132 KB
47 KB 49ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

363c6169ce360671468754beb2357045645c39844b4a6d250860687a7f98cba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 16:59:05 GMT
etag: "6127a958-bab0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47792
expires: Sun, 29 Aug 2021 21:31:45 GMT

GET
H2 200 popup.html Show response
fxmoneylab.ru/plugins/system/jcemediabox/themes/light/ 1 KB
514 B 43ms
43ms XHR
text/html 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/plugins/system/jcemediabox/themes/light/popup.html
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_b065e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 1cf446ef244b6b55626ef3675f41c7418718791b64ef13818df96cde0219d733

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
:path: /plugins/system/jcemediabox/themes/light/popup.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/html; charset=UTF-8
accept: text/javascript, text/html, application/xml, text/xml, */*
cache-control: no-cache
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://fxmoneylab.ru/sovetniki-forex/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/html; charset=UTF-8

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 17:36:59 GMT
server: nginx
etag: W/"604a553b-445"
content-type: text/html

GET
H2 200 tooltip.html Show response
fxmoneylab.ru/plugins/system/jcemediabox/themes/light/ 958 B
384 B 43ms
43ms XHR
text/html 91.236.136.45
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylab.ru/plugins/system/jcemediabox/themes/light/tooltip.html
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_b065e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.136.45 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: s115.webhost1.ru
Software: nginx /
Resource Hash: 87b2718dc94de5c4722e85a3d1ee55a1c98c87c24d3770adcbce689db5821842

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: b3462cb0ee06303b7dcb0a4fac5bba71=a1ccc4bbe5b516ce060bc0c66560f209; bt_arise_tpl=bt_arise
:path: /plugins/system/jcemediabox/themes/light/tooltip.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/html; charset=UTF-8
accept: text/javascript, text/html, application/xml, text/xml, */*
cache-control: no-cache
:authority: fxmoneylab.ru
referer: https://fxmoneylab.ru/sovetniki-forex/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://fxmoneylab.ru/sovetniki-forex/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/html; charset=UTF-8

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 17:36:59 GMT
server: nginx
etag: W/"604a553b-3be"
content-type: text/html

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2110834376&utmhn=fxmoneylab.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-66383865-1&cid=1655185415.1630269105&jid=2125178861&_v=5.7.2&z=2110834376

35 B
113 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-66383865-1&cid=1655185415.1630269105&jid=2125178861&_v=5.7.2&z=2110834376

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 29 Aug 2021 20:31:45 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-66383865-1&cid=1655185415.1630269105&jid=2125178861&_v=5.7.2&z=2110834376
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
660 B 43ms
16ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fxmoneylab.ru&callback=_gfp_s_&client=ca-pub-4620738776268144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4620738776268144&plah=fxmoneylab.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

58cf0ef0d174738315e2079fa937b67a07b956863612b7e6b077f0c7ca1aaf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
600 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fxmoneylab.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
243 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fxmoneylab.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0AE 80 KB
27 KB 417ms
416ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=600&slotname=1837476453&adk=778346635&adf=1511272658&pi=t.ma~as.1837476453&w=257&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&psa=0&format=257x600&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105097&bpp=9&bdt=839&idt=166&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5073545044616&frm=20&pv=2&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=231&ady=1214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&alvm=r20210824&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ibCEcF2Tq&p=https%3A//fxmoneylab.ru&dtd=185

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adb9b309ce23fbbb770bbbe26b1fd1c1092ae534d826aeb2031ca13424975b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4620738776268144&output=html&h=600&slotname=1837476453&adk=778346635&adf=1511272658&pi=t.ma~as.1837476453&w=257&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&psa=0&format=257x600&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105097&bpp=9&bdt=839&idt=166&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5073545044616&frm=20&pv=2&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=231&ady=1214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&alvm=r20210824&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ibCEcF2Tq&p=https%3A//fxmoneylab.ru&dtd=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fxmoneylab.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://fxmoneylab.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Aug 2021 20:31:45 GMT
server: cafe
content-length: 27923
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Aug-2021 20:46:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 20:31:45 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 51ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H2 200 https.embed.js Show response
fxmoneylabru.push.world/ 254 KB
63 KB 46ms
19ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmoneylabru.push.world/https.embed.js
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ef0ed31b8a3168d01069e17b412e97b1ec392fa14f20fa212019ccc88c5c670a

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 19:32:01 GMT
server: nginx/1.18.0
etag: W/"60131131-3f933"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-proxy-cache: MISS

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F2D 137 KB
41 KB 259ms
258ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&adk=84980950&adf=198458457&lmt=1630269105&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105210&bpp=1&bdt=952&idt=86&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=257x600&nras=1&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=90

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14b15f17961606cd914fac66a6af2f954586285a8214c0f345c06462a2468204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4620738776268144&output=html&adk=84980950&adf=198458457&lmt=1630269105&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105210&bpp=1&bdt=952&idt=86&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=257x600&nras=1&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fxmoneylab.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://fxmoneylab.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Aug 2021 20:31:45 GMT
server: cafe
content-length: 41762
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Aug-2021 20:46:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 20:31:45 GMT
cache-control: private

GET
H3-29 200 async-ads.js Show response
cse.google.com/adsense/search/ 148 KB
54 KB 2410ms
2396ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__ru.js?usqp=CAI%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989a7e85f03213da09dec5266df5726b57cdff9ac79c824e4e436416a5210b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:47 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "11360708621065994600"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:47 GMT

GET
H3-29 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/default+ru.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/b54a745638da8bbb/default+ru.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 01:34:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 241031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Sat, 27 Aug 2022 01:34:34 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 22:32:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 424744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
expires: Wed, 24 Aug 2022 22:32:41 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 6ms
5ms Image
text/plain 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
199 B 26ms
5ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9380.TIJJi4_Su3TMa28Ra7Ijz0ToOiwnLPWuHfI0A8xCZcYma-lUSN6BR8BQeP9NOPnn.sCSyp5Uqkxn6wzJf4Z-mtt61KGM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9380.9BRqY7BGsRvwJezuYOQw4bx4TtZd4hY3rTizzj8pjv8xLAwWKH2k1pOXSAf1Dg4M8OhV4fQxKEfAi9m-T9VkwQ%2C%2C.i7pPH5lN4O2_arYO3LnkkqyuguY%2C

75 B
75 B

51ms
51ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9380.9BRqY7BGsRvwJezuYOQw4bx4TtZd4hY3rTizzj8pjv8xLAwWKH2k1pOXSAf1Dg4M8OhV4fQxKEfAi9m-T9VkwQ%2C%2C.i7pPH5lN4O2_arYO3LnkkqyuguY%2C

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9380.9BRqY7BGsRvwJezuYOQw4bx4TtZd4hY3rTizzj8pjv8xLAwWKH2k1pOXSAf1Dg4M8OhV4fQxKEfAi9m-T9VkwQ%2C%2C.i7pPH5lN4O2_arYO3LnkkqyuguY%2C
date: Sun, 29 Aug 2021 20:31:45 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
84 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Thu, 26 Aug 2021 15:39:16 GMT
etag: "6127a958-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 29 Aug 2021 21:31:45 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/25172384/
Redirect Chain

https://mc.yandex.com/watch/25172384?wmode=7&page-url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A1421%3Afu%3A0%3A...
https://mc.yandex.com/watch/25172384/1?wmode=7&page-url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A1421%3Afu%3A0%...

331 B
413 B

57ms
56ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/25172384/1?wmode=7&page-url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A1421%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A605827720114%3Ahid%3A461951245%3Az%3A120%3Ai%3A20210829223145%3Aet%3A1630269105%3Ac%3A1%3Arn%3A680010825%3Au%3A16302691051029152540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630269103631%3Ads%3A201%2C89%2C332%2C2%2C0%2C0%2C%2C952%2C14%2C%2C%2C%2C1579%3Adsn%3A201%2C89%2C334%2C1%2C0%2C0%2C%2C953%2C14%2C%2C%2C%2C1579%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630269106%3At%3A%D0%A1%D0%BE%D0%B2%D0%B5%D1%82%D0%BD%D0%B8%D0%BA%D0%B8%20%28%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%80%D0%BE%D0%B1%D0%BE%D1%82%D1%8B%29%20%D0%A4%D0%BE%D1%80%D0%B5%D0%BA%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%A24

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

adce638f66b03e5f1206711b42f2e47b3702c448b86ba858cf4036c790c1811c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Aug 2021 20:31:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 29-Aug-2021 20:31:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fxmoneylab.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sun, 29-Aug-2021 20:31:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Aug 2021 20:31:45 GMT
last-modified: Sun, 29-Aug-2021 20:31:45 GMT
location: /watch/25172384/1?wmode=7&page-url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A1421%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A605827720114%3Ahid%3A461951245%3Az%3A120%3Ai%3A20210829223145%3Aet%3A1630269105%3Ac%3A1%3Arn%3A680010825%3Au%3A16302691051029152540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630269103631%3Ads%3A201%2C89%2C332%2C2%2C0%2C0%2C%2C952%2C14%2C%2C%2C%2C1579%3Adsn%3A201%2C89%2C334%2C1%2C0%2C0%2C%2C953%2C14%2C%2C%2C%2C1579%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630269106%3At%3A%D0%A1%D0%BE%D0%B2%D0%B5%D1%82%D0%BD%D0%B8%D0%BA%D0%B8%20%28%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%80%D0%BE%D0%B1%D0%BE%D1%82%D1%8B%29%20%D0%A4%D0%BE%D1%80%D0%B5%D0%BA%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%A24
strict-transport-security: max-age=31536000
access-control-allow-origin: https://fxmoneylab.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 29-Aug-2021 20:31:45 GMT

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 145 KB
52 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1de99147afacbb50162e8573f613c879dba94f7d96387cbf2e69d761d1537e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53273
x-xss-protection: 0
server: cafe
etag: 11300002193737632522
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fxmoneylab.ru

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fxmoneylab.ru

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DDE 126 KB
40 KB 887ms
886ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a036773c724bea86e095243d8e465c1a853945dfa2e7d2e963317803f2f881d1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMaPuNeJ1_ICFaZTwgod7n4KGw&gqi=se4rYaaWJZuDnsEP-rCL0Ag&layout=/sadbundle/%24csp%253Der3%24/13550567860056241595/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fxmoneylab.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://fxmoneylab.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMaPuNeJ1_ICFaZTwgod7n4KGw&gqi=se4rYaaWJZuDnsEP-rCL0Ag&layout=/sadbundle/%24csp%253Der3%24/13550567860056241595/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Aug 2021 20:31:46 GMT
server: cafe
content-length: 40463
x-xss-protection: 0
set-cookie: IDE=AHWqTUkqks9uTk5XpwoTXQMo0e-JtvdFxHfGIRTfjJuMjMvzxVYASjtwDQAt8G6mRrw; expires=Fri, 23-Sep-2022 20:31:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 20:31:46 GMT
cache-control: private

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/ Frame 5069 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fxmoneylab.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://fxmoneylab.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 29 Aug 2021 01:42:40 GMT
expires: Sun, 12 Sep 2021 01:42:40 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 67745
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/ Frame 31D7 2 KB
3 KB 28ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/index.html

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553141f4cf52617b9d3686bd5485484f62ba2a26b9a9a1eda153788c75eee243

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16818140578527622767/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1097
date: Sat, 28 Aug 2021 12:40:40 GMT
expires: Sun, 28 Aug 2022 12:40:40 GMT
last-modified: Thu, 15 Apr 2021 13:49:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 114665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5069 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CItfWse4rYe-fE4nizAbAp7OYDvzTisJj49PUzt0N_u2-4HYQASCyt41QYJUCoAH_hK3tA8gBCagDAcgDSKoEwAFP0N8GrTKlX9QS5yfmOUOuqk9DT9aJiKvMgi3L8UDCmOgJabq2SDWpMSi4MEX1GWD0XOA8b_x81qj9QJcqg-YDn009aQlTBeoJvw0gvHVuoQZguU7RrDdWLAIlZ3l8vo0QUbZXyZClC_1F8NI2Mm4oZwPFpkUFgjgxNvmwV2opxN-EsekSxyL3meIOOj4JdXNO0Fv4OTQw_9FsGOwOcVaq7K19_vQkcw_WzkIIrDungVBezFAe3-Sc9tTLaRX2CNPABPSBx8L4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCzswvSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNDYyMDczODc3NjI2ODE0NBgA&sigh=cHhZjWFGROo&template_id=419

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 Aug 2021 20:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame 5069 18 KB
8 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:30:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 5069 2 KB
1 KB 32ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:29:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5069 122 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 5069 14 KB
6 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:29:54 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 31D7 9 KB
3 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 31D7 26 KB
10 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:35:29 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 31D7 236 KB
63 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/ Frame 31D7 138 KB
34 KB 23ms
8ms Script
application/x-javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16818140578527622767/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f376f1ffc926507f7bd2335018b3c1b115c4ff27ad38f2d357f3871e9188bbb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 424153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34518
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:49:38 GMT
server: sffe
date: Tue, 24 Aug 2021 22:42:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 22:42:32 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame A0AE 3 KB
578 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=600&slotname=1837476453&adk=778346635&adf=1511272658&pi=t.ma~as.1837476453&w=257&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&psa=0&format=257x600&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105097&bpp=9&bdt=839&idt=166&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5073545044616&frm=20&pv=2&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=231&ady=1214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&alvm=r20210824&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ibCEcF2Tq&p=https%3A//fxmoneylab.ru&dtd=185

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 19:40:42 GMT
server: ESF
date: Sun, 29 Aug 2021 20:31:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0B4A 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlpTl8gA158zv0O5lttqIjdSj0DcjVXL58Xxg2weHU6sjn_GKUVKekOSm2aZQY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 29 Aug 2021 19:52:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5069 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ff3bfc651a1f93e50cca6aa7ebcd9d85af6af395d6f7a5f99c23a4e91a4a485

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame A0AE 1 KB
857 B 6ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:28:44 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame A0AE 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:30:43 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame A0AE 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:29:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0AE 122 KB
37 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:45 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame A0AE 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:29:54 GMT

GET
H2 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame A0AE 26 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 16:33:03 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A0AE 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci7Qlse4rYcHgEs_3zQad94SIDYa_29Nj0tbt08sO2tkeEAEgsreNUGCVAqABm7mfmAPIAQGpAjkf1HXB9mM-qAMByAPLBKoEtwFP0FwVqQIlwQjzlQ8X_Ya2SgK9kWPhORgy3pWs5c_ugn6ZesKComtJS174qK5cZo0AX9vfm0UI5cPfZyqPqxBzhpWirV4-SmiaZPexQXKs8Np_VjQq4h8OnQ4hv_Jy3sTw4muGGfuHbd7dyd2WWDLXvp29ZKYp43iLifru9VKnJ9TPpyDITG7Yudbmsn9o6FPLtvNuCzH8VNuy9WE5kD-iWYxx6DK7EMoIn2hdAdbIxiPt8Vz6U03ABI2RtIjQA5IFBAgEGAGSBQQIBRgEgAfNxuBnqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBC0pgTSCAkIgOGAEBABGB-ACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNDYyMDczODc3NjI2ODE0NBgA&sigh=mG-LvKa3Pus

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=600&slotname=1837476453&adk=778346635&adf=1511272658&pi=t.ma~as.1837476453&w=257&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&psa=0&format=257x600&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105097&bpp=9&bdt=839&idt=166&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5073545044616&frm=20&pv=2&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=231&ady=1214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&alvm=r20210824&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ibCEcF2Tq&p=https%3A//fxmoneylab.ru&dtd=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 Aug 2021 20:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9997 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=600&slotname=1837476453&adk=778346635&adf=1511272658&pi=t.ma~as.1837476453&w=257&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&psa=0&format=257x600&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105097&bpp=9&bdt=839&idt=166&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5073545044616&frm=20&pv=2&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=231&ady=1214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&alvm=r20210824&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ibCEcF2Tq&p=https%3A//fxmoneylab.ru&dtd=185
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlpTl8gA158zv0O5lttqIjdSj0DcjVXL58Xxg2weHU6sjn_GKUVKekOSm2aZQY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=600&slotname=1837476453&adk=778346635&adf=1511272658&pi=t.ma~as.1837476453&w=257&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&psa=0&format=257x600&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105097&bpp=9&bdt=839&idt=166&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5073545044616&frm=20&pv=2&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=231&ady=1214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&alvm=r20210824&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ibCEcF2Tq&p=https%3A//fxmoneylab.ru&dtd=185

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 29 Aug 2021 19:52:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A0AE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a432e9077053b4656a9bc241a4996bce3fb7533c637c33e3126d7343c001f125

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame A0AE 21 KB
21 KB 25ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 23:18:34 GMT
x-content-type-options: nosniff
age: 335591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:01:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 23:18:34 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94Yt3CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame A0AE 11 KB
11 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94Yt3CwZ-Pw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be91f18df6e006242cdabf8678e83f6df4b713a2ffabca522cd9e2619a255f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 03:26:23 GMT
x-content-type-options: nosniff
age: 320722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10824
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:01:22 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 03:26:23 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame A0AE 21 KB
21 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 00:01:03 GMT
x-content-type-options: nosniff
age: 419442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:00:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 00:01:03 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Kwp5MKg.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame A0AE 11 KB
11 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Kwp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a0a55ede49967613efde001805c862157a4f477f3546dd3c197a8a1d6398d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:39:29 GMT
x-content-type-options: nosniff
age: 132736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10924
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:00:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 07:39:29 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0B4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

38ms
38ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlpTl8gA158zv0O5lttqIjdSj0DcjVXL58Xxg2weHU6sjn_GKUVKekOSm2aZQY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 20:31:45 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 29-Aug-2021 21:31:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 20:31:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 20:31:45 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js Show response
pagead2.googlesyndication.com/bg/ Frame 31D7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c05e6af5ea5f0572387a024ec6f6d5325a3a4a75739ef0e99adbe8e3f28d921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:43:40 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9997
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlpTl8gA158zv0O5lttqIjdSj0DcjVXL58Xxg2weHU6sjn_GKUVKekOSm2aZQY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 20:31:45 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 29-Aug-2021 21:31:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 20:31:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 20:31:45 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C2A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c05e6af5ea5f0572387a024ec6f6d5325a3a4a75739ef0e99adbe8e3f28d921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:43:40 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/ Frame DCC6 6 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

243f6279267a07461166234c3b5385bedc8c415789ed7a343f7a03edf997d3a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/13550567860056241595/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2399
date: Tue, 24 Aug 2021 22:52:34 GMT
expires: Wed, 24 Aug 2022 22:52:34 GMT
last-modified: Thu, 15 Apr 2021 13:45:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 423552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F01 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cyg0mse4rYYbzJqaniQbu_anYAfzTisJjvs6Vy80Nzr74lnEQASCyt41QYJUCoAH_hK3tA8gBCagDAcgDSKoExQFP0EqhU5SCQMR7aNYLQ6hbdIzeUfFPusJrc_HwTXZc_SjLxvnO1n3lh4LmMv3DwIF81mt3qJMUEMSCWwA82xNiRDgTCbpNg890jlnPSOtNpZ8l8oc03HqKkq_Y2wZGc34-qmcI8q9ZBry47FAUDjRernd0Ngxrbh12txSneNMzCuWONYh5opPkFXmF6rmF3jvDX1sH2i3ZLtPU0B-Ayh9hAe1ooTqWjHO3dA5qdw1Alg4cShsC1VXjKkAsVO7t7euJMHI3hMAE3P_GwvgCkgUECAQYAZIFBAgFGASgBi6AB5L7mh2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEKPIE9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi00NjIwNzM4Nzc2MjY4MTQ0GAA&sigh=GchRDZ8dh-w&template_id=419

Requested by

Host: fxmoneylab.ru
URL: https://fxmoneylab.ru/sovetniki-forex/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 Aug 2021 20:31:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame 6F01 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:30:43 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 6F01 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:29:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F01 122 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 6F01 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 20:29:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6F01 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLOg3VnAmNmDwFu0CCEPB58OYVF5ffqvTHlpHNgsHWRUhB0F2MBWgYgARTA2pPkelzLzzWsdLNUxhua_V-vwk0rKmh_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DCC6 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DCC6 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:35:29 GMT

GET
H3-29 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DCC6 186 KB
48 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:31:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame DCC6 84 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 14:25:21 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/ Frame DCC6 88 KB
20 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea57bb3134409e73d3b533817f332f7ddf0568573bc4d1267cc41a5ad343490f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 103781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20153
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:45:27 GMT
server: sffe
date: Sat, 28 Aug 2021 15:42:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 15:42:05 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame DCC6 2 KB
536 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 19:42:43 GMT
server: ESF
date: Sun, 29 Aug 2021 20:31:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Aug 2021 20:31:46 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1A0 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkqks9uTk5XpwoTXQMo0e-JtvdFxHfGIRTfjJuMjMvzxVYASjtwDQAt8G6mRrw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4620738776268144&output=html&h=90&adk=3194726322&adf=4202603901&pi=t.aa~a.1758199130~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1630269105&rafmt=1&to=qs&pwprc=9825954465&psa=0&format=1200x90&url=https%3A%2F%2Ffxmoneylab.ru%2Fsovetniki-forex%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630269105588&bpp=1&bdt=1330&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8462e06a32d7ec8-2236b917b9c900eb%3AT%3D1630269105%3ART%3D1630269105%3AS%3DALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q&prev_fmts=257x600%2C0x0&nras=2&correlator=5073545044616&frm=20&pv=1&ga_vid=1655185415.1630269105&ga_sid=1630269105&ga_hid=1744537861&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44748552%2C44749369%2C31062297&oid=3&pvsid=317028346723962&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=J32y2JS1D4&p=https%3A//fxmoneylab.ru&dtd=14

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 29 Aug 2021 19:52:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 6F01 0
20 B 55ms
41ms Other
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMaPuNeJ1_ICFaZTwgod7n4KGw&gqi=se4rYaaWJZuDnsEP-rCL0Ag&layout=/sadbundle/%24csp%253Der3%24/13550567860056241595/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sun, 29 Aug 2021 20:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1A0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkqks9uTk5XpwoTXQMo0e-JtvdFxHfGIRTfjJuMjMvzxVYASjtwDQAt8G6mRrw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 20:31:46 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 29-Aug-2021 21:31:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 20:31:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 20:31:46 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6F01 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95ce7aef99467f67b13a1fa89c28993247f6ce271ef6fd054944a857e713f414

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index_atlas_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/ Frame DCC6 4 KB
4 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13550567860056241595/index_atlas_.png?1569918079118

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd98fe0580d9a380da7c6b12e802acd0785ca60e8a906952112be69478f10752

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 438132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3778
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:45:27 GMT
server: sffe
date: Tue, 24 Aug 2021 18:49:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires: Wed, 24 Aug 2022 18:49:34 GMT

GET
H3-29 200 bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js Show response
pagead2.googlesyndication.com/bg/ Frame DCC6 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c05e6af5ea5f0572387a024ec6f6d5325a3a4a75739ef0e99adbe8e3f28d921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:43:40 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5069 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstx8-VanoOquAdB9sCuJhyqJJUPkRy2kBz_HN24FzfYKb5KZD7-lERGl6t-j35vHFTd2fjhKTJ671Kx5IYcKv0D-R1w3bXkrytDjtcUzBI5X9mp-a6DXLJmynKtSg&sai=AMfl-YQ93JGBxjhn8-zOueJAvpKB44TjgQ1m_cL4K_g_NxrDw05oCNGJ_6uVUyIaP8KhnPsXZBGkYlL7LpkE&sig=Cg0ArKJSzMNTp7Po6kuEEAE&id=lidar2&mcvt=1032&p=1106,299,1231,1304&mtos=0,817,1032,1195,1312&tos=0,817,215,163,117&v=20210827&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=2&adk=84980951&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630269105622&rpt=139&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Aug 2021 20:31:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210823&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b299ce23cae983051544f2c56690c022f9136416d627b49f5ecfcd2626fb0781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 20:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8554
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 29 Aug 2021 20:31:47 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2326 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fxmoneylab.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://fxmoneylab.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 29 Aug 2021 20:27:42 GMT
expires: Mon, 29 Aug 2022 20:27:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3828 783 B
531 B 189ms
189ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6702a2624aadacb0fa89e58257c73e17dac4fe61c1e908df0c99385dff73141

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WDU+xaATCfH666S+SroLnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fxmoneylab.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://fxmoneylab.ru/

Response headers

expires: Sun, 29 Aug 2021 20:31:47 GMT
date: Sun, 29 Aug 2021 20:31:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WDU+xaATCfH666S+SroLnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2326 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 09:54:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 09:54:41 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210823&jk=317028346723962&bg=!AgGlAUXNAAYXVutgF1Y7ACkAdvg8WpSsnwQ7a86wSrQlTprEnKaAM7E0v8bZXpd9QTj-0fjZGCr3ZgIAAABXUgAAAAloAQcKAC7ZtUTuW-Ysxi7SAWLxs326yEbQ2J7llW3laBvIIg_EgAzi7QttK9OvqNZBQHfBmQJxQXfFmY3fdQlCW5W0L6hQ3lgeMrAcU8LtDn9dxtHEWcZ4j4k3msxhpwBmOqHoXlA1wuBl7HeZ4inWS23X5qDpbvblH73zhMyXExlp-JJRPIeBcQEvac2tX40zDJP9_vOhytQyEvSF8YzCQ3brxEhLI3ASL--j7bxjBSBSID2p4_KKR8-IMPW98DB2x5vl_xUMr9qR4kzFrF1BBIj_QqASfxuja0w1sHRtwB27lreKmkOkV662NQqr2L5Yb1B8mtLPQW46LDS2WY4eYrjQjZt9I7inBHOp0Bz5dYxEZV3xFt4vLj6G4BliBkb5LOTDQkVWBlpRGCBmo-tPBOtvLIrybTesXui-h8NSD0jZlvheZgowkyqUzoOw3Tp8J9_pK3wO51eY9mHnnrVlMfdt4y8DAJc4STwOj5jSzRACotvIfFX9BUcw2WUT3pnjw0xel9PgUtFih8RrpLMbi2x7C8bOLsX6048KOpJESd8u7p350cBhJ5Yp09qYJKHc9kbbYvSOxAe88Wv2mzs9CzDtA_EC_fgnoiBjhoWgv_vk1KvWhNPcC0jWPRtso5jzte5cFYa6Dutdgqr7a-qC5UA3KI3ErgIzTPLPmps4fs_pg1hxP6GiGMXSA9EdYv4FVwZ_H8682N_shN9CA830H8-sXuq-Y1AYrLgiwzje9zU8yr4SXxM5HTnfKP96yj_Nih2a0Ms_-essaKmhGNg49EO5XavurujyyHYb0bq_7lQJDTB_a3yWBgw3zvkirjEHetlqvRAYRpE4-WO3_VBUnl5vMCh2AGEGfubKO6uGD3V8F9M2vxEOO3kWg7e9-ZeegVNP4-7y9w
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fxmoneylab.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DCC6 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 04:09:29 GMT
x-content-type-options: nosniff
age: 318147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 04:09:29 GMT

Verdicts & Comments Add Verdict or Comment

289 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 06:12:45	Name: IDE Value: AHWqTUkqks9uTk5XpwoTXQMo0e-JtvdFxHfGIRTfjJuMjMvzxVYASjtwDQAt8G6mRrw
.doubleclick.net/	1970-01-19 20:51:12	Name: DSID Value: NO_DATA
.fxmoneylab.ru/	1970-01-19 20:52:21	Name: _ym_isad Value: 2
.fxmoneylab.ru/	1970-01-20 05:36:45	Name: _ym_d Value: 1630269105
.fxmoneylab.ru/	1970-01-19 20:51:10	Name: __utmb Value: 88729804.1.10.1630269105
.fxmoneylab.ru/	1970-01-20 05:36:45	Name: _ym_uid Value: 16302691051029152540
.fxmoneylab.ru/	1970-01-19 20:51:09	Name: __utmt Value: 1
.fxmoneylab.ru/	1970-01-19 20:51:10	Name: _ym_visorc Value: w
.fxmoneylab.ru/	1970-01-20 01:13:57	Name: __utmz Value: 88729804.1630269105.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.fxmoneylab.ru/	1969-12-31 23:59:59	Name: __utmc Value: 88729804
.fxmoneylab.ru/	1970-01-20 06:12:45	Name: __gads Value: ID=c8462e06a32d7ec8-2236b917b9c900eb:T=1630269105:RT=1630269105:S=ALNI_MaHlywlFihu_7LFdim6AqXJ5NIr3Q
.fxmoneylab.ru/	1970-01-20 14:22:21	Name: __utma Value: 88729804.1655185415.1630269105.1630269105.1630269105.1
fxmoneylab.ru/	1970-01-20 05:22:21	Name: bt_arise_tpl Value: bt_arise
fxmoneylab.ru/	1969-12-31 23:59:59	Name: b3462cb0ee06303b7dcb0a4fac5bba71 Value: a1ccc4bbe5b516ce060bc0c66560f209

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
clients1.google.com
counter.yadro.ru
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
fxmoneylab.ru
fxmoneylabru.push.world
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
ssl.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.fxmag.ru
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.74.194
172.217.23.98
213.174.135.1
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:808::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9d
2a02:6b8::1:119
88.212.201.216
91.218.228.159
91.236.136.45
0051ffbe5c18a4e1240dd7795e6f6f1691ca4544b1766145c2045f1b66ff8738
00837d80c7ba353f5145da5fdba2becb5b721a018e0abc9a425c514aca1671ee
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece
107c2f0593ee6556a8d7dd111595ef5e35e8fb037d282c4a7e35afd2667476d0
10ec57c522a3d6bf16e9d8f234147ba8457f191eb604c5d7b1150d7804e554bf
11ffe566c3b88743a8a4f10e52cb00a50bf3c38d8ee2ae1b3092691e9dfed156
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14b15f17961606cd914fac66a6af2f954586285a8214c0f345c06462a2468204
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e4b85bce30dc125a38c9397166749b5105215faa76e23769d4b8717f584f09
19eee0276402eec83e76d61942d00357a87c926e05ad1fbde7fcaacc013a923b
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c025852aaba324a07ea0ef664b071b51fde945433b3feb48c4b396e37a70446
1cf446ef244b6b55626ef3675f41c7418718791b64ef13818df96cde0219d733
1de99147afacbb50162e8573f613c879dba94f7d96387cbf2e69d761d1537e0b
1ff3bfc651a1f93e50cca6aa7ebcd9d85af6af395d6f7a5f99c23a4e91a4a485
2151a22a96a15fc9fcea857cd861f8266804cf0374a6115e081469b7639d542a
2195a7ffae1e77d7602eee15f22f9a9993f08a7df213cdc6829ebdf0b7911796
243f6279267a07461166234c3b5385bedc8c415789ed7a343f7a03edf997d3a2
2af8cbd0e0b43d42ae79127341b350e582401e0327a073d43ccca0abff93c426
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
35ab05671e7f5d5706980a0b35003f09ad11136d77b33bdf2de682fed990a8fd
363c6169ce360671468754beb2357045645c39844b4a6d250860687a7f98cba8
3a13e60985d8400d8a8991ec211f285d13df9467a9fa36f299d9b64bbce25708
3c93d2cccd89dedde4708d853325bf14b8a5a90e387d1dd80f2bd58ac1083b29
42dd197f5d15d2a06539ab87fb97e1d3e1c40583deee00b6899a68981f0e33fa
46145270b8b2ee040a0d83a61fd9aa5634377009d7ee00fcb0e8e5c18d576b72
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4a0a55ede49967613efde001805c862157a4f477f3546dd3c197a8a1d6398d82
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4ca5ef22f8316519b406c1704ff603b42404ee4534a7726fe2fd0a6abf3caf8f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
553141f4cf52617b9d3686bd5485484f62ba2a26b9a9a1eda153788c75eee243
56879fb4221c71397cda384fdec163f1f60ba96605a3db8661f4286bb0b71a3c
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
58cf0ef0d174738315e2079fa937b67a07b956863612b7e6b077f0c7ca1aaf74
5b6bb6f73345b0a05151a56d1a0537d2316b9d142c612dcfb68e254e6cedca6d
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6c05e6af5ea5f0572387a024ec6f6d5325a3a4a75739ef0e99adbe8e3f28d921
7087d847e00b8f8d3951337d810910e8f8bd0d649ae8d84b1216aa16cc25ec42
73fff8a5ee778e127421beff42d117bd3c3e61a20abb5b054afd5f5a52616fce
76105ad240f804a7ecd6470e690b512f20197b334789a1a839641892af5f08ce
7998b1a3a745310a44df30b99b5becc3aa15eab739c3421096f7e7feacfe9d92
7e228f1cd7df8b4410ce21583e5a6b699132f9c9945f26d8ded118cb837dd0f7
7f376f1ffc926507f7bd2335018b3c1b115c4ff27ad38f2d357f3871e9188bbb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
87b2718dc94de5c4722e85a3d1ee55a1c98c87c24d3770adcbce689db5821842
945664995c28647166b699f3cc09d19c141ba67953ca0c375a48bc9a2dde7fd9
95ce7aef99467f67b13a1fa89c28993247f6ce271ef6fd054944a857e713f414
989a7e85f03213da09dec5266df5726b57cdff9ac79c824e4e436416a5210b5d
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b
9ca9b9e697a3a7f63aa39db45aaf2dc0279a5707e93a0c42d5b2e1be5ced6e16
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
a036773c724bea86e095243d8e465c1a853945dfa2e7d2e963317803f2f881d1
a04500cd33d6da71ede73c656881116d0e235e6c484a48c47f387438ad3e2a1d
a432e9077053b4656a9bc241a4996bce3fb7533c637c33e3126d7343c001f125
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7ca73b51bd1ab8dfa4aa42da5dd5a7348dd7a72681e1b68a5f8575366d53980
a9f2f8453c2973ac77d96503fe242c51892e45794e02d4f8c4e70d204b1c9b26
abc0895d4edb171cbd692d03eaa37c86367018f6d230f3f45d713a43b0fc2309
adb9b309ce23fbbb770bbbe26b1fd1c1092ae534d826aeb2031ca13424975b49
adce638f66b03e5f1206711b42f2e47b3702c448b86ba858cf4036c790c1811c
b04205d0dcc6b822b0fe63569a5c2d393b141b2a766864b473cb4976559ce607
b299ce23cae983051544f2c56690c022f9136416d627b49f5ecfcd2626fb0781
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb0c0286e2639c17ec76dc16ce4493d1ea8c4ffdde127b4b5535ef140803e49a
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be1ab67ce9ca47c14b5c43e9d01d506eb3ed5f3a8738130b8e3299ff1c0eeb81
be91f18df6e006242cdabf8678e83f6df4b713a2ffabca522cd9e2619a255f2e
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c08a99a8a0f96508b902611be96081b1b50d927fba892492fc830ba69ebf962e
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cc092b27d8f8b4f97574e13763a7dfe5bccc884cc9ef4c0848a0030cc12840b7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cde7682f94589a89bdd407647f35effdda0dd561d4e53584c95dd96a77bff776
cf1e8a9d880f4ee12c94164ac5be366f4d23e0d199c19f6526aa8cf1e8dad499
cf612748a64d68a14a27ddd132e31ec559ce73a79802782de372a79c65c92c69
d1c4853efd42b67ea2692740a9a17563351104f5ea8e8e494d23245de1a8f5a6
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6702a2624aadacb0fa89e58257c73e17dac4fe61c1e908df0c99385dff73141
dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd98fe0580d9a380da7c6b12e802acd0785ca60e8a906952112be69478f10752
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e377a25c2cc2758ec362add7d2584d32340aef6d0f36c549d50515036a15c9b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e766bef1ea21632d4f2f23786bbf4613983154c8ff2d590dabc6b53b86d62d1a
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
e94a34c0f4e7209832ea632eac9ecd29d1ded66a5895852359e403c35d75c1ed
ea57bb3134409e73d3b533817f332f7ddf0568573bc4d1267cc41a5ad343490f
ee3a34091436c23d8837d0a5b12606f303b7cfb11cf4377ccfb432b7fc2c8146
ef0ed31b8a3168d01069e17b412e97b1ec392fa14f20fa212019ccc88c5c670a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e789a80a47b6b88abeba169fcc5bbbb1add89463f149f86baec14e9b3d70a2
f1cdd385647928b88198739435fb7e17ad66a2f08d2e95f83da040a7a84afac6

fxmoneylab.ru Open in urlscan Pro 91.236.136.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

100 %HTTPS

79 %IPv6

17 Domains

25 Subdomains

28 IPs

4 Countries

2477 kBTransfer

5661 kBSize

14 Cookies

4 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fxmoneylab.ru Open in urlscan Pro
91.236.136.45 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

100 %
HTTPS

79 %
IPv6

17
Domains

25
Subdomains

28
IPs

4
Countries

2477 kB
Transfer

5661 kB
Size

14
Cookies

129 HTTP transactions
3 data transactions