ds761tbf-pl.fina.guru Open in urlscan Pro
2606:4700:3035::6815:46d5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ds761tbf-pl.fina.guru/go_to/?offer=pl_net_gotowka_mfo_549_af
Effective URL:
https://ds761tbf-pl.fina.guru/
Submission: On February 06 via api (February 6th 2024, 9:25:31 pm UTC) from US — Scanned from US

Summary HTTP 87 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 10 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3035::6815:46d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is ds761tbf-pl.fina.guru.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.

This is the only time ds761tbf-pl.fina.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 22	2606:4700:303... 2606:4700:3035::6815:46d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
12	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
87	16

22 2606:4700:3035::6815:46d5 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ds761tbf-pl.fina.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	432 KB
22	fina.guru 3 redirects ds761tbf-pl.fina.guru	263 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	902 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 154 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	49 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	96 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	182 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
87	10

	Domain	Requested by
22	ds761tbf-pl.fina.guru	3 redirects ds761tbf-pl.fina.guru
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	ds761tbf-pl.fina.guru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	www.gstatic.com	ds761tbf-pl.fina.guru www.google.com googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
6	www.google.com	ds761tbf-pl.fina.guru www.gstatic.com www.google.com tpc.googlesyndication.com
5	fonts.gstatic.com	ds761tbf-pl.fina.guru fonts.googleapis.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.googleadservices.com
2	analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	ds761tbf-pl.fina.guru www.googletagmanager.com
1	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	code.jquery.com	ds761tbf-pl.fina.guru
87	15

This site contains links to these domains. Also see Links.

Domain
tinyurl.com

Subject Issuer	Validity	Valid
fina.guru GTS CA 1P5	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://ds761tbf-pl.fina.guru/
Frame ID: 2F8A0603481C067C5211F89E29473032
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 663211756BE9A4AC8E4B9818268CFF2C
Requests: 1 HTTP requests in this frame

Frame: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: C67D61B95C352EED90E93FC7B9DA163D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=qq1uvciyvdiy
Frame ID: CD45D03F925E4308A1AB7C42C8DFC058
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8279955182611131&output=html&adk=1812271804&adf=3025194257&lmt=1707254725&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fds761tbf-pl.fina.guru%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707254725678&bpp=3&bdt=536&idt=211&shv=r20240201&mjsv=m202402050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2012270055716&frm=20&pv=2&ga_vid=1913704747.1707254726&ga_sid=1707254726&ga_hid=991616441&ga_fc=0&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080887%2C44795922%2C44809003%2C31080933%2C95324154%2C95324160&oid=2&pvsid=1858468609411516&tmod=2075381933&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: E88762C2872147F36351581F2E05E18C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G
Frame ID: F58562D2F40C5B4F1E6544F3FBB9AC77
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: F6582D222B4906D3988FB3BA3998202E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: AF23007DEC572B78DE9EA059E3971165
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 68916A87ABE88818E7D1B68F653CEBC3
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 4EDF6E9CFE3E5B2279D471052FAD7393
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: AB17DFD23532D9E79E260851EC1110F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 1A3644E6202E57DEF55FC591132D61C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4E9473AD2054409D6B6B06F2495E4D2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 492B90A5585F849E2190528A117A2A6E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ds761tbf-pl.fina.guru/go_to/?offer=pl_net_gotowka_mfo_549_af HTTP 301
https://ds761tbf-pl.fina.guru/go_to/?offer=pl_net_gotowka_mfo_549_af HTTP 302
https://ds761tbf-pl.fina.guru/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

87
Requests

98 %
HTTPS

93 %
IPv6

10
Domains

15
Subdomains

16
IPs

1
Countries

2151 kB
Transfer

5808 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tinyurl.com/2p96c6up
Title: Viber

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ds761tbf-pl.fina.guru/go_to/?offer=pl_net_gotowka_mfo_549_af HTTP 301
https://ds761tbf-pl.fina.guru/go_to/?offer=pl_net_gotowka_mfo_549_af HTTP 302
https://ds761tbf-pl.fina.guru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=CzQAMxqPCZbPmC7SvqMwP4-6ngAiz_bfUdcPDw-eYEufjor3AARABIMnVmJwBYMnGqYvApNgPoAHC6ZeWA8gBCagDAcgDy4SAgASqBN0BT9AQRpSubbAA9QXjPfgmSmw9xFijV_HwaQsbRTy3s22W-qhMHSUNQQpjju_Ehiao8egngzTUPRk-0ymDR2ajWE7enc8J7jy7oZrB7Oqi7yBQbeen_U3Bk3m1nY_middoKtb5xqeDk2xbe5K4jhS84ygCDeNNAidFTleUHDmGKtxXFn6BT0iL-j1AdLdGJRQYVWNVwtSkiZUGQ5x58VJf6MzwfCp8D1HtYO3tlSvPGPyl5hFwVle1quoZmd6E6eRHakvbhdcsdeLiBv5zESEsKEjmknBnII0UwO8XwTbABIOiz4jBBIgFqPvNhE2gBi6AB6aW6GmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCNty_SCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYlof7u9OXhAOaCSZodHRwczovL3Nob3Aud2VnbWFucy5jb20vP3N0b3JlX2lkPTExNYAKAcgLAdoMEAoKEICRnbHw2Ze-BhICAQPYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItODI3OTk1NTE4MjYxMTEzMRgA&sigh=76BGVPglwJQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_8-eiOvFNlsTj319EoWq4e-zOvK_et34biqvCDw7_T0jd9sdmuI90ImyQ0pdywcHPl96Z1h0uyDVZAuZf8Te0b-SA1P3M8RA5VBgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x64f1d115ef09a3b50000000000000000%22,%222%22:%220x84686cc6b992b2f40000000000000000%22,%223%22:%220xf2e36ad035c60a270000000000000000%22,%224%22:%220x40baf519ceb1f75e0000000000000000%22,%225%22:%220x3e88a8016d49be680000000000000000%22},%22debug_key%22:%2217493319294702459928%22,%22debug_reporting%22:true,%22destination%22:%22https://wegmans.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22851834050%22],%2222%22:[%22true%22],%224%22:[%2202-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22593949496215196321%22}&andc=true

87 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ds761tbf-pl.fina.guru/
Redirect Chain

http://ds761tbf-pl.fina.guru/go_to/?offer=pl_net_gotowka_mfo_549_af
https://ds761tbf-pl.fina.guru/go_to/?offer=pl_net_gotowka_mfo_549_af
https://ds761tbf-pl.fina.guru/

68 KB
17 KB

339ms
338ms

Document
text/html

2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbf4ad6862b4be7deacd8d69c269fcb7b7dc72a2dc3efad542d198fc23529342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8516772deb9d17bd-EWR
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 06 Feb 2024 21:25:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nKYO2mJ%2FutBCkqwxrd1l9f8LynQAo1uNcMSBD5CjMxHltHCmqORUnquUGLEraBm%2FDdy9QogFxFJ57LyQByzb0wCijR7DLXpnpgmTf%2F6TKDvkvumuRZ0y61ef9Iu5chTkLQIqrV4q%2BpXGlhiYkgAMhKxpV8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Cookie
x-content-type-options: nosniff
x-frame-options: ALLOWALL ALLOWALL

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8516772bc9a617bd-EWR
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 06 Feb 2024 21:25:24 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPwIkN5Xato8O4XB67DsoHQcJRonY7wABMg7n9n4oSOIYirntrzkKMum8M3U%2Brl6%2Fk2t%2FpnBD%2BMrmQdl8qg9i56hptKllYZAej374m5axn7KBwx%2BrHjmEO6f34aHq5Irw8GsxqpQhTLucYarLXf6EAtlPwI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: ALLOWALL ALLOWALL

GET
H3 200 style.min.css
ds761tbf-pl.fina.guru/static/core/m4m/css/ 50 KB
8 KB 250ms
248ms Stylesheet
text/css 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/m4m/css/style.min.css

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Feb 2021 13:34:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6023e0f0-c8e9"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZSs15eNRaN7lxnUNVSbn3aZTqpD%2BE1ckzUG5RpfDO9f6XRTM9OiwAqWnwQ9Q8NtKzfOcN509MfMlljNZY68XJQyQXdoyl9Cl%2F3AT5GT1hkaoFuxmAb5SZi2GMHUrds%2BAUS2sY7EGW9PK5FT%2Bm00EH6b10Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cf-ray: 851677302ebd4388-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.css
ds761tbf-pl.fina.guru/static/core/m4m/css/ 159 KB
28 KB 256ms
253ms Stylesheet
text/css 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b8add97fbfd7710e32d0ab792c17e0a30c491aff1fb1cf790b1dd084aa69d4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 14:43:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=cannot_optimize
etag: W/"63ff6483-27db1"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o78AIEtZBSL3DJPFI%2B8Yc8B3cLUTPrbzwxHoQs8KMpv%2B6hbJfxeadg5l058d0MuhwBKbFKaXqo1%2BsPguQmhHye6zW37mtXRqJbkirmPkUd%2B9cngdVFmsPQBxskyb0hjkw6PWvxVYd2kock0z5o%2BK7p3gOws%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cf-ray: 851677302ec04388-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 33ms
8ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2571808
x-cache: HIT
content-length: 30638
x-served-by: cache-lga21975-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707254725.171950,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 376828

GET
H3 200 main.js Show response
ds761tbf-pl.fina.guru/static/core/groshi/js/ 151 KB
48 KB 244ms
243ms Script
application/javascript 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/groshi/js/main.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01eda7f50e5a175644989807fc6c9e60d55d5d69bb50e80426b17b2750fd4fa

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 05 Feb 2021 15:58:32 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=154146
etag: W/"601d6b28-25a22"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFOc%2Bcx6Ykd0K1II%2Be6agUOpRhCb5UnJaqH5VuZ3%2Fb%2FIa5ZiCoLEF%2F72%2FIVyT9exWLQ%2FBsh%2F%2FhoUt7%2B1BDOYrxnnKWhc4vry9yvLZAhIDQTlUT54QXjkLdMRfXoKzYm5R4bDYcL8y5%2FmnFuHgNoyZ89B44o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 851677302ec14388-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 188ms
69ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7dd5a531f6ab34bc9f50c9417743971fe4a9cc76c5bfb12d7ba9a7a237d5dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://ds761tbf-pl.fina.guru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51057
x-xss-protection: 0
server: cafe
etag: 15508792682019743410
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 06 Feb 2024 21:25:25 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/3.6.8/ 294 KB
97 KB 54ms
10ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/3.6.8/firebase.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2017 23:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 09:11:04 GMT

GET
H3 200 firebase_subscribe.js Show response
ds761tbf-pl.fina.guru/ 3 KB
2 KB 288ms
287ms Script
text/javascript 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/firebase_subscribe.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e4d13f69a41254cb5fc9982a5e0058f23dd8dc232cc6fabbbfff64fc8d5ef2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL, ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: EXPIRED
last-modified: Tue, 06 Feb 2024 10:56:02 GMT
cross-origin-opener-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: ALLOWALL, ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiOqG9fS%2B6hTkNbtzspkvZ%2FUs51Y4lNYGc5lQulsqDk0Y7eBljRgSsIPaqD4ym2Rlvg9KO7rpNYFAzEosaYfEDHmU9Rv%2BB2Y50LDndUmw11TXmJFqBr4Lyn5Wd90Tb4kxINReaOCK7n6sa3c2%2FIX7B4rMG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
vary: Accept-Encoding
cf-ray: 851677302ec24388-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 Logo_Smartney.jpg
ds761tbf-pl.fina.guru/media/data/media/ 10 KB
11 KB 259ms
258ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Smartney.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25bda40402b33cf2699493b3e31a3a4fac6e08deb81ff3aab507853c48d8db29

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Apr 2022 15:19:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6262c79a-2919"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxItgaj53Orv8TolQf4kir0ieOQllNEH4%2BSrZsrGJXKuCDMokBfA5KZ%2B%2Ba%2BIUwI0j5i80UrEk9GoglwmEzpAp7E29tzStAXde6kENyY3eamfjq%2BDTM8Xiz1ZqitNVWCXT6aUxoYC7hvnpgYj%2FI4UNlwt9JQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 851677302ec34388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 10521

GET
H3 200 Logo_FenikoPL.jpg
ds761tbf-pl.fina.guru/media/data/media/ 19 KB
19 KB 261ms
260ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_FenikoPL.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6780a23d72086741268990a9e66a5183500f3f6f3e5857e2a83eb0bea46fa619

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Apr 2022 15:13:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6262c622-4a5b"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0psnT%2F7wIhQph0FNDxUUxqpwRjPMjgPUN4YnuPyRfO40Lw2NaftSSnzXO8xlfmPBZrxccEq%2FNdBDGW%2F%2BKkUS2X1ulE9f4%2FFetaOOtcep9VzlYq9ipS8Lnh%2BQ1xwvLnfdnoQF%2BdNHJwob7LoeKYohMWkpH8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 851677302ec44388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 19035

GET
H3 200 Logo_OROS.pl.jpg
ds761tbf-pl.fina.guru/media/data/media/ 20 KB
20 KB 285ms
268ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_OROS.pl.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d8a5a4caf3e8c11f135c7b68e20c12d9781595adba532c7196f13a96b22c245

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Apr 2022 15:21:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6262c7fb-4ecb"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evffzvvp%2FybvEKHz83bIV9EFcw3nB5X1QeHZ%2BgSkpzlc0QD1%2FNna0ZmSZhi7MW3Fvo8A23uj6viC3c%2FjERD7EZccZoz8Te4rCTnYfIg5mF%2F2IDrdnrVtXVJJnAJxL28vjbDoBplHao7gHa%2FVOmQw2xUJ2kg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85167731f93b4388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 20171

GET
H3 200 Logo_Miloan_FvFmOyK.jpg
ds761tbf-pl.fina.guru/media/data/media/ 18 KB
18 KB 205ms
190ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Miloan_FvFmOyK.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

314f7d0e61704bb35dd98173cbde300b4c2c52e3eca0623a6e2e8d78faddc045

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 01 May 2022 22:19:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626f078b-46cf"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24I2oUIK2FWO%2FUaGCl%2BWeHEi9gvgGvEYnwmz494k%2B6l2mnoZ0%2BDn5zhcpjYJfMt2yGC9f83Gm7G103SnKPqQiT2iaxf1UUyVY%2BMiYwtyXxiNx2NzI1VL9sbqznUR0nWOd2IHqtdk6KrAPiAf99Py92zFZiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85167731f93f4388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 18127

GET
H3 200 Logo_Kuki.pl_5iiewmL.jpg
ds761tbf-pl.fina.guru/media/data/media/ 15 KB
15 KB 271ms
268ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Kuki.pl_5iiewmL.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe762e3b5e1e6e8c509d78ea2895fb0fd7ef384c0f59a4c3e0da7b2e215a836b

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 11 May 2022 13:39:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "627bbc99-3aa8"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TULcs64Lw5YBV2AK6R8KbdaCAW8415FKFU5AGXuPIepw8K57HeBbnIzEU1HPxwKJia9oL%2BuO3HXu37vJZYy7s%2BHr54wmXLJltVYztfCoog11sj3zhLzLPPeL48s5r0hilXzdSksP61jELq6oQtgbkEYbGWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 85167732195f4388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 15016

GET
H3 200 Logo_Net_Credit.jpg
ds761tbf-pl.fina.guru/media/data/media/ 9 KB
9 KB 259ms
257ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Net_Credit.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47398dc4a1e2caa214149cdf707bc7cfc564fd6dce2b7eb19e3dabf62e0e512

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Apr 2022 15:22:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6262c829-2253"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBhxwWSKBvSAuZrm8HfHrzWt5DHc%2Fr%2FQopfPvirY8eL236iW%2FDJJtpy4Im%2B8kp4udy8EDSRTt7pgt%2BJrjRuG3c17NhLvDgJkrZcU%2FSaAoAQh7SF4MUljVZxREDdJAi3rkyzP%2Bydnta8frW3pM4J2zJ2AX%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8516773219624388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 8787

GET
H3 200 Logo_AlfaKredyt.jpg
ds761tbf-pl.fina.guru/media/data/media/ 11 KB
11 KB 261ms
259ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_AlfaKredyt.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

371122607bda2ad6dd44a066bc6209e907c044acc56f7fae312cae21a3500fdb

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Apr 2022 15:23:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6262c877-2a75"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIeR5gMv80JQpldCcuYdF3ad2ymghhHlhU9cagLq5qn8scCzYOJl%2Ba9jhtcrNVajVlBOl3svNnEBP1yFe9hwVD6uwI8whsEbYd4myNvsVG3hBcIPf6nqT7maggEyJ5zsCxKRwl125U2EPPjIOK1Tk0%2BGFI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8516773219634388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 10869

GET
H3 200 Logo_SMART.jpg
ds761tbf-pl.fina.guru/media/data/media/ 21 KB
21 KB 181ms
180ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_SMART.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

003f30a13cbf92c3a27be20aa0d02c8727c3c41f1482076ff0d0963a1dad87b4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Apr 2022 15:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6262c718-5239"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIalowRVs3EGZoX1nz9OKCU57Oc6MD1%2BM1gUwMVlsYljb2JjRV9VUgjq2tMAMeajfPJR8WF%2Bu%2FtlZ7oQapDsZe6a0RnwOJAZDTprCfYObDySVp1CnMsLxKJ1yWIrmBKQy3rwrGJVdywAbBhd8dKvXDniy24%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8516773219644388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 21049

GET
H3 200 Logo_Wonga.jpg
ds761tbf-pl.fina.guru/media/data/media/ 14 KB
14 KB 271ms
269ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Wonga.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adec71a58be678e01d8aa766db0fa49ec609202b503ca330b2b48a9a818ebd06

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Apr 2022 15:20:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6262c7bc-3677"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2m0epMBN4iZ3v1wA9ClD9mXhxncP%2Fs3%2BsUEvnrZgS0JoQPIovCAxfioJoimhDVQc5FGqfiEaCjiPGQYYlMXI9zUFdYLT7eLDjEhhxnXU4YyEf0v1R3tBLxQZ9YFOnD11aGiU7H6OCmRRf%2By%2BRwp9BAyhGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8516773219654388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 13943

GET
H3 200 Logo_netGotowka_2.jpg
ds761tbf-pl.fina.guru/media/data/media/ 11 KB
12 KB 333ms
331ms Image
image/jpeg 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_netGotowka_2.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8f2b222eee286eb7f2e147c2e8b092634586f01b238cf3af30933dcb5b5c97

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Jan 2024 07:58:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65b9fd8b-2c4f"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GB7YTnpfQIr6dA4SET8AH49lBlM%2F8YLK8k%2FLvoPRO5yY7Jzck5REmWjhxshBObZpfQiBsdeCEH2SkY4%2FeMhSyZNx4Xd9Z4UJ82NpyGHqsQaH5QufiTPhTVH%2B6XSjZEXyCv9vs3dhoPn5KaxL3VIuZY2Pyg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8516773219684388-EWR
alt-svc: h3=":443"; ma=86400
content-length: 11343

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 188ms
63ms Script
text/javascript 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?renderer=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f2e3876ae23eb7172110ab1ad802c3f78f558c6bca52ff2c5f3c875cd4ff48a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 06 Feb 2024 21:25:25 GMT

GET
H3 200 jquery.maskedinput.js Show response
ds761tbf-pl.fina.guru/static/core/pozy4ka/js/ 6 KB
3 KB 272ms
269ms Script
application/javascript 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/pozy4ka/js/jquery.maskedinput.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03aff9ba10559a70ac312000ccfe9585b762f171283c53c3271d343080425093

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 11 Mar 2022 09:08:12 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11272
etag: W/"622b117c-2c08"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARfqp0c9p%2FUxWzyp5mSY3RP0MG126ivsvV%2F6Eif3%2F1817EY%2FH%2BpC7dL6T0AXhcl8oJVBBsQu5UxZ2RNOV2zNzQk4TLA3iJFAVW50KxvPFMgd%2B%2FTKTLhprC77nyqA4Bf8%2BF%2BAYmgSuspSLeQwfemEz2W1SiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 8516773219604388-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
ds761tbf-pl.fina.guru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
6ms Script
application/javascript 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Feb 2024 15:36:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bd0be2-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99OT8Kbx6l7o2tFPiPT%2BCqrOGLznyBEDdmOo%2FETWBUhPAX2H7uTxs2t2c7qg17lbzEnIr6azQ%2Bo%2B0tAuT777Zq0rWED0hRWkO01ORbKndKr8eKaLd8mKg%2FUq6BuPjy0Gdcwlxl5qQpQiyrivbC76GzJOYs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8516773219614388-EWR
expires: Thu, 08 Feb 2024 21:25:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
85 KB 188ms
66ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43f9c3db27f8a7c00fde2187e727de4256a7f960070e7b8639802846538889d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87046
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Feb 2024 21:25:25 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 46 KB
24 KB 189ms
85ms Font
font/ttf 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24632
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:47:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:16:20 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 45 KB
24 KB 201ms
96ms Font
font/ttf 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24295
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:28:24 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 46 KB
24 KB 181ms
78ms Font
font/ttf 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24405
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:33:57 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v14/ 45 KB
24 KB 159ms
59ms Font
font/ttf 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:16:20 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 488 KB
194 KB 75ms
26ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?renderer=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://ds761tbf-pl.fina.guru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198255
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:24:49 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 406 KB
138 KB 125ms
70ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2c4f1cb118b6ca25c486fe525a8607f4fa0d30695833dfe91246a1dcb0ac7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141168
x-xss-protection: 0
server: cafe
etag: 14547815093415628836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:25:25 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/ Frame 6632 9 KB
5 KB 63ms
15ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 66937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 02:49:48 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 02:49:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
96 KB 34ms
33ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f09b36d992ea6a0b50af7236f396be1574b25d311399178d79bfff89db76f0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 21:25:25 GMT

GET
H3

200

main.js Show response
ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame C67D
Redirect Chain

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
4 KB

14ms
13ms

Script
application/javascript

2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Server

2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab07c08c31c587fc4027282ac920f38b8fe8a479c30bb86c5632e614970387cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gup4KG5quHwLi3SIig2QCCQxcs9UVNarZNGhU5vLFAjj5kCbQkVbb1lAWifOjxPAWlX42q5%2BJ0XaCYO2CcIOy2WKJEd8nB3PjgO41C%2Fg7iTmRF5OqT8MoZ2p5y7XN4KogHBJrtSPgJnvqehUf80r29YdP6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85167736cec54388-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 06 Feb 2024 21:25:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xW30g9UVzjehFRZ4CNprhswWiq9xF0PFcx4XUerH5FsLJLXUyss1AtiyW%2FRLESJP06sFiOUMYUT29tFsyn%2B0U1dJVxyTiTY6wA9e20T5UvilSL8wpBEGOhhCdqzC1qoJ5%2B5sg9%2FU3hRKMEzGpsJoHB20bZc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
cf-ray: 85167734ac5d4388-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CD45 45 KB
29 KB 54ms
50ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=qq1uvciyvdiy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab509aaec80823ef6b0042067be74a3b8b13ac6fd5a4579d809580b333ee912d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Up7BedzTZonPZMaNbPpiHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Up7BedzTZonPZMaNbPpiHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 21:25:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E887 479 KB
79 KB 487ms
484ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8279955182611131&output=html&adk=1812271804&adf=3025194257&lmt=1707254725&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fds761tbf-pl.fina.guru%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707254725678&bpp=3&bdt=536&idt=211&shv=r20240201&mjsv=m202402050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2012270055716&frm=20&pv=2&ga_vid=1913704747.1707254726&ga_sid=1707254726&ga_hid=991616441&ga_fc=0&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31080887%2C44795922%2C44809003%2C31080933%2C95324154%2C95324160&oid=2&pvsid=1858468609411516&tmod=2075381933&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbae99783ba217e2b58f09b3920fa9079afb9cc0aedc9d8dc73b880605cdf0aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80790
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 21:25:26 GMT
expires: Tue, 06 Feb 2024 21:25:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 32ms
32ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:25:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 399ms
78ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TRH92ECSV3&gtm=45je4250v874499617z8854091770za200&_p=1707254725444&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1913704747.1707254726&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707254726&sct=1&seg=0&dl=https%3A%2F%2Fds761tbf-pl.fina.guru%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=1970
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 396ms
76ms Ping
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TRH92ECSV3&cid=1913704747.1707254726&gtm=45je4250v874499617z8854091770za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame CD45 55 KB
24 KB 58ms
56ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=qq1uvciyvdiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 05:57:24 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame CD45 488 KB
194 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198255
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:24:49 GMT

POST
H3 200 8516772deb9d17bd Show response
ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C67D 0
604 B 98ms
93ms XHR
text/plain 2606:4700:3035::6815:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/jsd/r/8516772deb9d17bd
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Feb 2024 21:25:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fNu3oauS6dC5jMzAVp6UbWbPg4RM3KgDyt3deXa7kOZEyTC1mieJ2jNVsG7l0Soy9x%2FXxhjNCCYOTsrlWb%2B09vE0SROgJwq%2BbF2YVEjktfKLlkFSR177FQFIHhLR4L%2FLY%2FQ%2FKCOEDVc7iP01ZK5GrXLudg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 85167738382a4388-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js Show response
www.google.com/js/bg/ Frame CD45 17 KB
7 KB 94ms
93ms Script
text/javascript 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=qq1uvciyvdiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6929
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 22:40:03 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CD45 102 B
135 B 90ms
90ms Other
text/javascript 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99953d3788a76b3b5392d7c3c2fc57a741f5d5c2b263616fdd07938aa2aa1b5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=qq1uvciyvdiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 06 Feb 2024 21:25:26 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 165 KB
56 KB 89ms
88ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/reactive_library_fy2021.js?bust=31080933

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b54232d3e6840a1c3b0a47d0f595d03b942de475ae5d2a8b40718804bdefa4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57127
x-xss-protection: 0
server: cafe
etag: 481393141745110845
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:25:26 GMT

GET
H2 200 ca-pub-8279955182611131 Show response
fundingchoicesmessages.google.com/i/ 23 KB
11 KB 184ms
43ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8279955182611131?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

137d5e1f37f7975772d1fda98452d8ca0a95571fcda704ff79a9061bdcba5d56

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Lx8eZGLyHmSaahgaazccBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Lx8eZGLyHmSaahgaazccBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsOoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxCX3T7HWgfEwnLnWaWBWIiH49jxrnVsAjuu99xmBgCwtk4F"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F585 7 KB
1 KB 37ms
28ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf11b30adf6b6ce7703411bca6cdced338a20396c4ee95056bd1afdefebf9ae1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CWAwkJU--x9DIHdKzrrlKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CWAwkJU--x9DIHdKzrrlKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 21:25:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame F585 55 KB
24 KB 4ms
4ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 05:57:24 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame F585 488 KB
194 KB 14ms
14ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198255
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:24:49 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/ Frame F658 9 KB
4 KB 56ms
50ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 14:32:33 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 14:32:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/ Frame AF23 9 KB
4 KB 35ms
34ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 14:32:33 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 14:32:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/ Frame 6891 9 KB
4 KB 33ms
31ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 14:32:33 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 14:32:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame F658 14 KB
2 KB 56ms
25ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:21:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 21:25:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame F658 2 KB
903 B 42ms
13ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/ Frame F658 23 KB
9 KB 38ms
14ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame F658 3 KB
1 KB 43ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame F658 20 KB
9 KB 34ms
11ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:14:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F658 205 KB
65 KB 107ms
53ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:25:27 GMT

GET
H3 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame F658 37 KB
15 KB 8ms
8ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:20:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AF23 6 KB
779 B 46ms
38ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:07:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 21:25:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame AF23 2 KB
856 B 26ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/ Frame AF23 23 KB
9 KB 27ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame AF23 3 KB
1 KB 26ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame AF23 20 KB
8 KB 17ms
12ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:14:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF23 205 KB
65 KB 95ms
60ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:25:27 GMT

GET
H3 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame AF23 37 KB
15 KB 10ms
8ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:20:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6891 6 KB
779 B 28ms
26ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:34:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 21:25:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 6891 2 KB
856 B 32ms
17ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/ Frame 6891 23 KB
9 KB 33ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 6891 3 KB
1 KB 37ms
22ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:24:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 6891 20 KB
8 KB 29ms
14ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:14:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6891 205 KB
65 KB 75ms
61ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:25:27 GMT

GET
H3 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 6891 37 KB
15 KB 32ms
19ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:20:29 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10269884230599730367/ Frame F658 31 KB
32 KB 32ms
23ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10269884230599730367/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e12db6efc8de2940e41b393137fc8e2a0b9547860e97cb88a8cda5bedbba4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:33:18 GMT
date: Thu, 01 Feb 2024 09:33:18 GMT
x-content-type-options: nosniff
age: 474729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32155
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 19:44:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame F658 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F658 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F658 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e0cd35ecb7050746a53bf627b8ddbdb75468d4c35daeaca7f7d3b56eae1ea0e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F658 33 KB
33 KB 40ms
39ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:11:34 GMT
x-content-type-options: nosniff
age: 476033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:11:34 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EDF 51 KB
19 KB 11ms
10ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Feb 2025 15:53:03 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame AB17 51 KB
19 KB 12ms
11ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Feb 2025 15:53:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F658
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CzQAMxqPCZbPmC7SvqMwP4-6ngAiz_bfUdcPDw-eYEufjor3AARABIMnVmJwBYMnGqYvApNgPoAHC6ZeWA8gBCagDAcgDy4SAgASqBN0BT9AQRpSubbAA9QXjPfgmSmw9xFijV_HwaQsbRTy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x64f1d115ef09a3b50000000000000000%22,%222%22:%220x84686cc6b992b2f40000000000000000%22,%223%22:%220xf2e36a...

0
0

53ms
33ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x64f1d115ef09a3b50000000000000000%22,%222%22:%220x84686cc6b992b2f40000000000000000%22,%223%22:%220xf2e36ad035c60a270000000000000000%22,%224%22:%220x40baf519ceb1f75e0000000000000000%22,%225%22:%220x3e88a8016d49be680000000000000000%22},%22debug_key%22:%2217493319294702459928%22,%22debug_reporting%22:true,%22destination%22:%22https://wegmans.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22851834050%22],%2222%22:[%22true%22],%224%22:[%2202-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22593949496215196321%22}&andc=true

Protocol

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x64f1d115ef09a3b50000000000000000","2":"0x84686cc6b992b2f40000000000000000","3":"0xf2e36ad035c60a270000000000000000","4":"0x40baf519ceb1f75e0000000000000000","5":"0x3e88a8016d49be680000000000000000"},"debug_key":"17493319294702459928","debug_reporting":true,"destination":"https://wegmans.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["851834050"],"22":["true"],"4":["02-06"],"6":["true"]},"priority":"500","source_event_id":"593949496215196321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Feb 2024 21:25:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Feb 2024 21:25:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x64f1d115ef09a3b50000000000000000","2":"0x84686cc6b992b2f40000000000000000","3":"0xf2e36ad035c60a270000000000000000","4":"0x40baf519ceb1f75e0000000000000000","5":"0x3e88a8016d49be680000000000000000"},"debug_key":"17493319294702459928","debug_reporting":true,"destination":"https://wegmans.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["851834050"],"22":["true"],"4":["02-06"],"6":["true"]},"priority":"500","source_event_id":"593949496215196321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 48ms
48ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240201&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bf108979c8b53fd2f76d29abfb03d162082bcbc1f0c87f04df66f5d2426b411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12439
x-xss-protection: 0

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A36 51 KB
19 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Feb 2025 15:53:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_fy2021.js?bust=31080933

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 21:25:27 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
31ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:25:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 20ms
19ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TRH92ECSV3&gtm=45je4250v874499617za200&_p=1707254725444&gcd=13l3l3l3l1&npa=0&dma=0&cid=1913704747.1707254726&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1707254726&sct=1&seg=0&dl=https%3A%2F%2Fds761tbf-pl.fina.guru%2F&dt=&_s=2&tfd=3530
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:25:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4E9 13 KB
5 KB 6ms
4ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 90188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 20:22:20 GMT
expires: Tue, 04 Feb 2025 20:22:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 492B 829 B
561 B 24ms
24ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8a6ac7b49faf270c2cae436021732d5c926b4dfa8dbee594a059ed0ceab392a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UNZW_YIKmmuDBAC1Hq5XuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UNZW_YIKmmuDBAC1Hq5XuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 21:25:28 GMT
expires: Tue, 06 Feb 2024 21:25:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D4E9 39 KB
15 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 20:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 20:17:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 492B 0
0 66ms
65ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240201&jk=1858468609411516&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D4E9 0
10 B 4ms
3ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5BhJCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:25:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F658 42 B
64 B 69ms
68ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssF0AUmiCVDcaBxHnx_RAyOVkWVjm0BJEuSRD1nrrk0epazNDZfYmnLJMjk_tEJgpdG1gm465TJsNrHZZUWtcj0-vISXkzpfH3vEHROlli47om729leZ25k19j4UQC0kJiG-wmAyLGA8Yi7dMlwcQEDWADxxtfO1WDoH0m7Nb29YLg4FE7Bzcj7uqebfPanLuyYTRz2_OnyR0fPQY24FgOC3tsEAmXpOUKiZoRROTY0Z1x6Z5-5QQ2cmEIwbuoHcR-dS2N_cqxTZqBpzkgrySAOzDMTwBhmvxPUnEWuIRL6w9YPdVbLpr08j0wAtLHok7ARhzVuGCtkO72Y3YYN6EJQPuAGsuBZDCQAdssqtoXRipP0CeQjGhiAjGUFo7NmrZMadmori2B7z-QBjkpKO3sFsUkdZM_z5U29o8UT9CuxWSvzapnEMj2F8k_Au525Oovf2cpT-3mqP2CjS6fiIaJ-XJnKitl10Q2e0CMa4Q-7k3-mwHKJ38K2jWmufkNpfMmPgODBFRcSXZhRW8EUXwI2seal907Lskx2qDAUpCH3GJcFZp18d2UsNbtaB6HG_DUY8244iOlk2-7h1FgILtAF8m99886K61QB_TnYhizdIDS6s0OJTFvjc-reswxWVeJowMRl8hFzHf4Bpqm-LiB6Vum65hdBWP61MH3EikuSU_S5wotbk_3N0zh9CjaMFhHaZC0hMcb-LRVaut8kdkNjfiRb7PKXNX1d9Dkd_DvZByRfMR-r-YnDAAudPuDjujyy6mqp-igfCiR09xpEdDkZSB2Eg98e5bo-g5V8zj_nyG41pl0YJYJQcshKIwtmYFA4ivFiE5gAj1y29AflXGxsbTaOxALKAKo6vJtk_0JnXfOwSA3uzakCKkP0_E4Y_4_7c2lNSc7JznoqbVgCFmd0zcYQbgpo4rNDJXXwsxLCor7aWIWS3mm1dIGtq5K08kFqJuJFakp66hw-58CShPQN0SfGnKx6zrpsk6HwOnHcfZcQMcLtV54_7P_WuISsFoFjjvCSBjAkZhPSUbZQsHiMC3_vsip_qOc5-cbh5EFgH02ndrbfBbY1MAoRPujuNa6O0G55kCVgXh-jlqdX30Y8FAZ6umyGbbWdDY95r9KjLS-aVqROEM2C-UA4BgyPY3zvWysgbiDiv2B0S_mFkrdYmo1CfEnN&sai=AMfl-YQSilaTql1hgpIeFnhDbuygSSd_O10XMeeH3rVZh1rhXCjJDCupw0c-7Dd-7FNwgOUGGlCRzWkfqVrR0KZLUfuaAu4_q--b2wazp5CljRjohhvgkfLXIyOgk6DSHTieS7L-EL5PEa2nabWNf-3i5CwPy1_UWUlQsSTc9A&sig=Cg0ArKJSzDQWacnNCsSBEAE&cid=CAQSTgAvHhf_8-eiOvFNlsTj319EoWq4e-zOvK_et34biqvCDw7_T0jd9sdmuI90ImyQ0pdywcHPl96Z1h0uyDVZAuZf8Te0b-SA1P3M8RA5VBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=256,855,1000,1000,1000&tos=256,599,145,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=318752700&rst=1707254727157&rpt=581&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240201&jk=1858468609411516&bg=!xsWlxYrNAAa8BdJLnAU7ADQBe5WfOMk5P6F6YsWU1KDEqZ36ZOvXxFvKd-W7rUXypHgLa-GGh7KL-5aHtwhNyQUWd4zXAgAAAH5SAAAABWgBB5kCwx3fUwIVEJjLPmP3VvJLG64mv5JZNsLH2ZVhFwpMKM5AbITb5THfdujTS6reWKVFoeYOSZDj85SKM6fOsqkzfIZCDUGFHiey640ZknKWKHMRhyYWCPHSKie_OFVTaoYHpmfd75Y69Yyc7RIPrJk2wMj5se8kyyIEIWiLXPg_ie1hSzmRFz0pktR0onNboPJI4nbLdWSYu7EJXGzheBI-QKlF_z0ffutAlq520K3aO5ARt-SNODHV0o1PH88-vWcORDJIuHi_Gv96646q1mpirhOuw2Gygvs1QaRx_V8h76Bgtp0h1reJ2h7QefG9lyPvuugMecdlWEUSEsgsmqsHdUhPzwskkyvsJcFr4cdS-DfcKtYufGbVAxwABvCYWirDcXyKoL0K-R4_839gQ_J5TbHwOb66d0egOUh7cXqvKIcvDbPs3qu-jYPM8ePYAJqUwj_mQAYWP9nmarS3ebnavDkVGQ_SGyciK2O1gSYrDg6RFVet_JTJjssx7F_20xLLt71MsCRHM3GQe9bogAD83O2zaNPg6XmOGJIhAk1j1XylaIYGR2xXzKHDMXd1E_aDavI8OpSe1lTNQAXiq9z2EOTr31HI8oV-CTxuefzymTJhWm5YGLKU2-zIfcrlQOwiXLPaXcC7XsuVH2cXWbQhDpZqwqGcQ4Mke1-DrT8dcDhVGIsgIEcVVbsvN7SVCqv5DMoKQqZJGWws5nFaLQLR9U8F1mKfXY9ve783F5IZN1fs0Vcchw4-V9RAKYqkVDyCDGoaIkLH5vmkoqgHCE5mTxtVdg7p29MjjJ5zM6S-hysttUbtn2kAFgKTtcdU9Td8ye3ps_7_Q31pRdMs29r3eG7SKq9PyyZMuoJfOwO9NH0pvtF7ArNdwVmR6No78-zSICPvRAaMWYgUfBIMdXA7VZ6Dn2y5SIREy_SNNDVM8jmuh-4N
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ds761tbf-pl.fina.guru/	1969-12-31 23:59:59	Name: pers_id Value: 3dafb6fcc53611ee950e005056020efc
ds761tbf-pl.fina.guru/	1970-01-21 02:58:24	Name: csrftoken Value: A2mYYSdT6ava995cWqOWjyEduDW9JXr5
.fina.guru/	1970-01-20 20:23:50	Name: _gcl_au Value: 1.1.606835888.1707254726
.fina.guru/	1970-01-21 03:50:14	Name: _ga Value: GA1.1.1913704747.1707254726
.fina.guru/	1970-01-21 02:59:50	Name: cf_clearance Value: GjBNBpGgqh76jHJWo2XlnZNe0yomaYGa7Op3W2qli3E-1707254726-1-ASsSbFGgqPmWUuOi4or2b/p6MQ7nwFmqBhP+rqwFMVMoZcbvQrhMeasbFM5A30yrRFpTcLlrAQy25Bxio0ucBSU=
.fina.guru/	1970-01-21 03:35:50	Name: __gads Value: ID=29a0f0190906ad26:T=1707254726:RT=1707254726:S=ALNI_MbIwq0ljzBSZLS-tzoc4BNwOwcrQA
.fina.guru/	1970-01-21 03:35:50	Name: __gpi Value: UID=00000dbfeeea3cba:T=1707254726:RT=1707254726:S=ALNI_MYnMNhOTEBMMU6LlfIZNqDIHDZk4Q
.fina.guru/	1970-01-20 22:33:26	Name: __eoi Value: ID=c72a0ff9ce2ae930:T=1707254726:RT=1707254726:S=AA-Afjak-n9-llYrArerWTXbj0qF
ds761tbf-pl.fina.guru/	1969-12-31 23:59:59	Name: click_id Value: 3f122c33c53611ee950e005056020efc
.doubleclick.net/	1970-01-21 03:50:14	Name: IDE Value: AHWqTUnkgXsWLp1Bzu7QQoPkK9EC3z_kHj_VTCz8YgKPwe7TfqNZbS9K2Gowzj_edwg
.fina.guru/	1970-01-21 03:50:14	Name: _ga_TRH92ECSV3 Value: GS1.1.1707254726.1.0.1707254727.59.0.0
.googleadservices.com/	1970-01-20 20:23:50	Name: ar_debug Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ds761tbf-pl.fina.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
code.jquery.com
ds761tbf-pl.fina.guru
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.40.130
2001:4860:4802:34::181
2606:4700:3035::6815:46d5
2607:f8b0:4004:c0b::9c
2607:f8b0:4006:806::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2a04:4e42:400::649
003f30a13cbf92c3a27be20aa0d02c8727c3c41f1482076ff0d0963a1dad87b4
03aff9ba10559a70ac312000ccfe9585b762f171283c53c3271d343080425093
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
137d5e1f37f7975772d1fda98452d8ca0a95571fcda704ff79a9061bdcba5d56
1b54232d3e6840a1c3b0a47d0f595d03b942de475ae5d2a8b40718804bdefa4c
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25bda40402b33cf2699493b3e31a3a4fac6e08deb81ff3aab507853c48d8db29
2d8a5a4caf3e8c11f135c7b68e20c12d9781595adba532c7196f13a96b22c245
314f7d0e61704bb35dd98173cbde300b4c2c52e3eca0623a6e2e8d78faddc045
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
371122607bda2ad6dd44a066bc6209e907c044acc56f7fae312cae21a3500fdb
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43f9c3db27f8a7c00fde2187e727de4256a7f960070e7b8639802846538889d8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5e0cd35ecb7050746a53bf627b8ddbdb75468d4c35daeaca7f7d3b56eae1ea0e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6780a23d72086741268990a9e66a5183500f3f6f3e5857e2a83eb0bea46fa619
689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7
7d8f2b222eee286eb7f2e147c2e8b092634586f01b238cf3af30933dcb5b5c97
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8e12db6efc8de2940e41b393137fc8e2a0b9547860e97cb88a8cda5bedbba4db
8e4d13f69a41254cb5fc9982a5e0058f23dd8dc232cc6fabbbfff64fc8d5ef2f
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
99953d3788a76b3b5392d7c3c2fc57a741f5d5c2b263616fdd07938aa2aa1b5b
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9bf108979c8b53fd2f76d29abfb03d162082bcbc1f0c87f04df66f5d2426b411
a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
a7dd5a531f6ab34bc9f50c9417743971fe4a9cc76c5bfb12d7ba9a7a237d5dc1
a8a6ac7b49faf270c2cae436021732d5c926b4dfa8dbee594a059ed0ceab392a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab07c08c31c587fc4027282ac920f38b8fe8a479c30bb86c5632e614970387cf
ab509aaec80823ef6b0042067be74a3b8b13ac6fd5a4579d809580b333ee912d
adec71a58be678e01d8aa766db0fa49ec609202b503ca330b2b48a9a818ebd06
b1b8add97fbfd7710e32d0ab792c17e0a30c491aff1fb1cf790b1dd084aa69d4
ba2c4f1cb118b6ca25c486fe525a8607f4fa0d30695833dfe91246a1dcb0ac7c
bf11b30adf6b6ce7703411bca6cdced338a20396c4ee95056bd1afdefebf9ae1
c01eda7f50e5a175644989807fc6c9e60d55d5d69bb50e80426b17b2750fd4fa
ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbae99783ba217e2b58f09b3920fa9079afb9cc0aedc9d8dc73b880605cdf0aa
dbf4ad6862b4be7deacd8d69c269fcb7b7dc72a2dc3efad542d198fc23529342
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47398dc4a1e2caa214149cdf707bc7cfc564fd6dce2b7eb19e3dabf62e0e512
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09b36d992ea6a0b50af7236f396be1574b25d311399178d79bfff89db76f0cb
f2e3876ae23eb7172110ab1ad802c3f78f558c6bca52ff2c5f3c875cd4ff48a9
fe762e3b5e1e6e8c509d78ea2895fb0fd7ef384c0f59a4c3e0da7b2e215a836b

ds761tbf-pl.fina.guru Open in urlscan Pro 2606:4700:3035::6815:46d5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

98 %HTTPS

93 %IPv6

10 Domains

15 Subdomains

16 IPs

1 Countries

2151 kBTransfer

5808 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ds761tbf-pl.fina.guru Open in urlscan Pro
2606:4700:3035::6815:46d5 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

98 %
HTTPS

93 %
IPv6

10
Domains

15
Subdomains

16
IPs

1
Countries

2151 kB
Transfer

5808 kB
Size

12
Cookies

87 HTTP transactions
3 data transactions