mail.privatbankinfo.com Open in urlscan Pro
91.239.234.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.privatbankinfo.com/
Effective URL:
https://mail.privatbankinfo.com/
Submission: On July 15 via api (July 15th 2022, 3:29:23 pm UTC) from US — Scanned from US

Summary HTTP 127 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 127 HTTP transactions. The main IP is 91.239.234.70, located in Ukraine and belongs to HOSTPRO-AS, UA. The main domain is mail.privatbankinfo.com.
TLS certificate: Issued by R3 on July 11th 2022. Valid for: 3 months.

This is the only time mail.privatbankinfo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	91.239.234.70 91.239.234.70	196645 (HOSTPRO-AS) (HOSTPRO-AS)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::6815:602c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
26	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
3	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	74.119.119.137 74.119.119.137	19750 (AS-CRITEO) (AS-CRITEO)
9	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
127	21

13 91.239.234.70 (Ukraine) 1 redirects

ASN196645 (HOSTPRO-AS, UA)
PTR: rocket-cp1.hostsila.org

mail.privatbankinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
privatbankinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:602c (United States)

ASN13335 (CLOUDFLARENET, US)

rbtwo.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:822::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	criteo.net static.criteo.net — Cisco Umbrella Rank: 649 pix.us.criteo.net — Cisco Umbrella Rank: 2173 csm.us.criteo.net — Cisco Umbrella Rank: 2119	1 MB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	290 KB
13	privatbankinfo.com 1 redirects mail.privatbankinfo.com privatbankinfo.com	117 KB
9	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 4616 ads.us.criteo.com — Cisco Umbrella Rank: 2052 cat.va.us.criteo.com — Cisco Umbrella Rank: 2914	111 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	41 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10333	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	127 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 258	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
2	gstatic.com fonts.gstatic.com	52 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3279	71 KB
2	rbtwo.bid rbtwo.bid — Cisco Umbrella Rank: 588653	11 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	466 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	40 KB
127	16

	Domain	Requested by
26	static.criteo.net	ads.us.criteo.com
12	pagead2.googlesyndication.com	mail.privatbankinfo.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	csm.us.criteo.net	ads.us.criteo.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net mail.privatbankinfo.com
8	privatbankinfo.com	mail.privatbankinfo.com privatbankinfo.com
5	pix.us.criteo.net	ads.us.criteo.com
5	mc.yandex.com	2 redirects mail.privatbankinfo.com
5	mail.privatbankinfo.com	1 redirects mail.privatbankinfo.com rbtwo.bid
3	cat.va.us.criteo.com	ads.us.criteo.com
3	ads.us.criteo.com	googleads.g.doubleclick.net
3	rtb.va.us.criteo.com	googleads.g.doubleclick.net mail.privatbankinfo.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.us.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	mc.yandex.ru	1 redirects mail.privatbankinfo.com
2	rbtwo.bid	mail.privatbankinfo.com rbtwo.bid
2	fonts.googleapis.com	mail.privatbankinfo.com ads.us.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	mail.privatbankinfo.com
127	23

This site contains links to these domains. Also see Links.

Domain
privatbankinfo.com

Subject Issuer	Validity	Valid
privatbankinfo.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.rbtwo.bid E1	`2022-06-04` - `2022-09-02`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-29` - `2022-08-27`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-08-19`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-23` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://mail.privatbankinfo.com/
Frame ID: 7766BB1597B958C86DE3CC4A0B1B4DB5
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: 618D4438A486491DBEA850B8D94EB83D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&adk=1812271804&adf=3025194257&lmt=1599336029&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953796&bpp=3&bdt=587&idt=156&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3929767109103&frm=20&pv=2&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=194
Frame ID: C2B1B2A33C9F26512AEDBFD418AE598F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=280&slotname=1595712220&adk=3890796720&adf=3605483563&pi=t.ma~as.1595712220&w=730&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953799&bpp=3&bdt=590&idt=210&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7EFufAQqGu&p=https%3A//mail.privatbankinfo.com&dtd=219
Frame ID: E41E291D0F72C1B7F0A4B83C4E355A1A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=600&slotname=4726994791&adk=1037433852&adf=2867846401&pi=t.ma~as.4726994791&w=300&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953802&bpp=1&bdt=593&idt=226&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A0fUGlJUz2&p=https%3A//mail.privatbankinfo.com&dtd=234
Frame ID: 1F8816E68B99C0937FD92A317A0073C6
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAAwAcIaAdAAAcL-cXJQutVOo7rpNfKZQ&u=%7CbDDjtIZ2LrblvIVQ1rM8wDEuFJ%2BtRmeKN7CdFtkVz8w%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qR-Cs-DfsJXjpDC1WKAcKdGH2EvNTCtoQERYKefXVBL08vfvHzYB9wPCg_D1SzuCdCsQkAmOxSwYP6zHK_lX0e2N5mSdbTjEP3eAUf23XX_BG4BS9YaSIXMPNVjkFUA00iG9nr2nGYZH9J9WQRf_r1YLqGdZVrQfGzwJMuLhNMKf3mE4m-nk5DP_rfMRPcx0DdyJz7ILRWhD8T7VJojObvoqFalOKmikCJkO_x3NV7zCr16Yutnq28VEaG2P9_VVdohXUdBqO0cXUBGQMB6P8Og3bV7KZZ-gXfeFB-X1MuE8vA1mYAcgWQwMWZvVSkNTGs44fvwiKcKY3RoTSKZ8NWV4iu-qlOu-tTIrVlxcKZE5NPFjTye4QYdYQKhLQ0GHrFmPyKFFivtsxFAkh5mFj8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-PIfyofRYoeAA8COoPMP-ZeckAmcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgTBAU_QH9-nCvyxOJSiV30CUmmgBaxOfGj1VvPIflZH_Y0Tyg0B_JgBdD5IJKIaP5afbM1mHv6R344YJoqlvkZhu99_uVSUvFcq3ina112gvtsidvLWmIOCShvz0oK8eOaxjIUfzv6DE3w5zAhjoo1PzLvVF-BSJ98u_ss6SpMf5H9ux_5q6S5QMmqau2Vzd6hDyhKAtBaIhcR20hAEt7BM9oWpL6Rs4TECES62jxMs975X4MoQmhMzN7ysEHDAwUrUZymABuq9sLSfrP6KRqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1P6wIn6PRs9SK1BgNjuDTrHTtJXw%26client%3Dca-pub-1688761798392750%26adurl%3D
Frame ID: 583A0ABCFA3AB8A91360059519DD2F99
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Frame ID: 970A37E3E0D28D93AFC6DAC4467DC63C
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAA9u4IaApGAAXDWgZ5vbEBbsDzXLSoRw&u=%7CbDDjtIZ2LrZ3ZEN4Ybo6aEjuen0veoAI1F2EqFZaDow%3D%7C&c1=SMhbYeryLxlrMxzU2Hi05WDndzPbI8Os29EPfbAT-5UfG97k5hZBSFMFTqDRfMI5cY3fDL3d-XxmuuUp2lqikH6423Gaow4Wzcpmpl-9padg7kbJN-q_jv6oX5pjqnBktzpsjlRRpRXHqhnAOJWglxYDizZ0Wb9VQiB9fQcgJo0OI6RSCWMd0wqhP0eHMBapbImpOICRQMPgb2D6oG66SrCv0h6ZdbF4YpzkunByv5ZAzAsGCsEHUIkcci4Kv1fkxzWkdlXW6U-wJlkwOptWCAXb6-vgMzMMuINrGN4KKQNJn-CIc2ag9uP3oIRRamn87_LhyCSLhhvHxkjxImq2HsEWy6Y5ZTSWnRn0IRU6yEcquYgwpX0WRRrezz_7dRBj7F946eQGv9nFzKZXgmdwK_y0LlB9seRne4EZSTOj_QMih355o3jD1ovX_CKXQS90BJopUMrMczKVZQcLVsSWApWt5rD1WkVk99CR88NFh_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVne-yofRYu7tA8aUoPMP2oaXyA-cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTY4ODc2MTc5ODM5Mjc1MKABrN3-6APIAQmoAwGqBMEBT9C1MPYV7EFZPBB9H4mEHRmx6z9S5tkaLt9wL3BNvYHMxpR9A_Gva3dPjNSXo6rAznj8cuiNW7Lj03P2uRVwqTfVVKaq8i_cBrp9ZkcVsrmjnFVm47k1vGv2M86Ao4-CHhnUNEKPYXTX6OO4Go0d0glc4dcaItXVv1sPexNQ8Ua3jp9OcRDp_-m5czzkCCH_QpdyIGd2n_aYxchKWX4ZoBGjj_fuDUMGR0OSqc23xkzJq8u_TWVgIJ3ntm6Gqg85RIAGus7LpffBvK0doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pDY_QIDSxaQMfTe7PXXYeD7iFcw%26client%3Dca-pub-1688761798392750%26adurl%3D
Frame ID: 314E0A7810EB3559935D83F035582BFE
Requests: 17 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAAczAIaAVdAALncHJEjETQqhDobW20dQ&u=%7CbDDjtIZ2LrY078JigBlgvCohfiS%2FBxI4EulheUSDgtI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qR-Cs-DfsJX8OWSjtPyWLdn-sd3OoHPuWcJM-_CyaxYchj0-ec8wcj5umEdV1yWIvTec3jP6wSyDluZCGFtCWJ84APreq-B1NYHpSD-VSG4q-KAfBV5vF51bRxgCxKaFJXPl71WJNTB-8lLhfUnSR_ak5ZqgdgYJIxpvWw3rjAx9GFbGa-xenc5VUrIZ4wITv_IvyebTiPKxuE4lkWrCbCXyy6zgYLEfII94X5iS5KxKnBnfLW3FoTpaIRMBs3A7e_14ZIK1kfdOMhcSXpc4Yrr0t6ohLkmLX0L8hvz18sLaGkXQPXyw7Wja28xOaRv-dnVOS16WoVKBnHv49oEeZDTkBd0hb45qG22oWE9Yc7VheH5vuH-SEYEjwatYP0pBh6as89WeEyG3xIGllKZuSxxPxVt5TspbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNnzayofRYrDmAd2KoPMP8M6L8Amcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgTCAU_QAs39FWnpPbqDdIPm4RnnL6YV7eBsclyuIhEmFoE0Qp4Z_IB5K2Vh3CzZ6pbzmMlWjaeuJgglWgajiP_5XmIqtWvyedx8ueLa2Xd6lWjrSYq7E9KKdEbHs9k_GxLZjQNoxv53gjEl7QdN5cDcSqYuDMaaC3xAjSAVuSfNLgK571RLv4AYtpXflhB8reLs7PZ4CsD3t0DNQocu9X8EQyzSy7CZYDR7gBLUX44IhtYeckEYPmnb5vgVm8Bv9EygJJ4wgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1uzUS5XcrCQWXVQylbsNuJYuekiQ%26client%3Dca-pub-1688761798392750%26adurl%3D
Frame ID: 4A697AFE8279E5A74FA121F6B68A3D3C
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 663CBD5E7411D85B4E2C87488DFF53D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 762B98F52815DEF7BA2406BBE4338637
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PrivatBankinfo – Информационный сайт для клиентов ПриватБанка

Page URL History Show full URLs

http://mail.privatbankinfo.com/ HTTP 301
https://mail.privatbankinfo.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

127
Requests

87 %
HTTPS

80 %
IPv6

16
Domains

23
Subdomains

21
IPs

3
Countries

2325 kB
Transfer

4077 kB
Size

17
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://privatbankinfo.com/privat24
Title: Приват 24

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta
Title: Кредитные карты

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/universalnaya.html
Title: Карта «Универсальная»

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/gold.html
Title: Карта «Gold»

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/yuniora.html
Title: Карта «Юниора»

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/platinovaya.html
Title: Карта «Платиновая»

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/dlya-vyiplat.html
Title: Карта для выплат

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/pensionnaya.html
Title: Пенсионная карта

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/perevody
Title: Денежные переводы

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/uslugi
Title: Услуги ПриватБанка

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/webdengi
Title: Электронные деньги

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/webdengi/webmoney
Title: Webmoney

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/webdengi/yandexdengi
Title: Яндекс Деньги

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/webdengi/qiwi
Title: Qiwi

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/perevody/perevesti-dengi-s-nomera-telefona-na-kartu-privatbanka.html
Title: Денежные переводы

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/perevody/perevesti-dengi-s-vodafone-na-kartu-privatbanka.html
Title: Денежные переводы

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/informacia/4-sposoba-razblokirovat-kartu-privatbanka-pri-potere.html
Title: Полезная информация

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/privat24/zaregistrirovatsya-v-privat24.html
Title: Приват 24

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/informacia/otdeleniya-privatbanka-v-rossii.html
Title: Полезная информация

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/privat24/udalenie-arhiva-platezhej.html
Title: Приват 24

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/uslugi/kak-otkryt-schet-v-privatbanke.html
Title: Услуги ПриватБанка

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/perevody/iz-belarusi-na-kartu-privatbanka.html
Title: Денежные переводы

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/uslugi/osobennosti-avtostrahovaniya.html
Title: Услуги ПриватБанка

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/uslugi/kak-popolnit-dikij-sad.html
Title: Услуги ПриватБанка

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/page/2
Title: 2

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/page/24
Title: 24

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/zabyl-pin-kod-ot-karty-privabanka.html
Title: Кредитные карты

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/vosstanovit-kartu-privatbanka-onlajn.html
Title: Кредитные карты

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/karta/srok-dejstviya-karty-privatbanka.html
Title: Кредитные карты

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/reklama
Title: Реклама

Search URL Search Domain Scan URL

URL: https://privatbankinfo.com/sitemap
Title: Карта сайта

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.privatbankinfo.com/ HTTP 301
https://mail.privatbankinfo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9700.nrSQHg9X6sR7kpACtvXmBvyau9TGlQDrq6eHpkUmI6W_BgUaWo_Xk8Zo-ZD7cDYZ.DopiZrJMRI-_BpZVOuvlYr--1LI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9700.__LS_WbsdJgX25bfbK-SVt24p_40RKs8ATyQkGJoqhaaGZZLdWN4C3AFZ_sw_nd-VZULnT1SVf8JAZiWdiUSJQ%2C%2C.g9rxHfTf39KaHkesREOcDMEi7h0%2C

Request Chain 101

https://mc.yandex.com/watch/66782326?wmode=7&page-url=https%3A%2F%2Fmail.privatbankinfo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A3673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A840%3Acn%3A1%3Adp%3A0%3Als%3A447440123723%3Ahid%3A82353655%3Az%3A0%3Ai%3A20220715152914%3Aet%3A1657898954%3Ac%3A1%3Arn%3A518157207%3Arqn%3A1%3Au%3A1657898954117661114%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657898949991%3Ads%3A0%2C768%2C860%2C122%2C1585%2C0%2C%2C435%2C3%2C%2C%2C%2C3771%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657898955%3At%3APrivatBankinfo%20%E2%80%93%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20%D0%9F%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/66782326/1?wmode=7&page-url=https%3A%2F%2Fmail.privatbankinfo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A3673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A840%3Acn%3A1%3Adp%3A0%3Als%3A447440123723%3Ahid%3A82353655%3Az%3A0%3Ai%3A20220715152914%3Aet%3A1657898954%3Ac%3A1%3Arn%3A518157207%3Arqn%3A1%3Au%3A1657898954117661114%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657898949991%3Ads%3A0%2C768%2C860%2C122%2C1585%2C0%2C%2C435%2C3%2C%2C%2C%2C3771%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657898955%3At%3APrivatBankinfo%20%E2%80%93%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20%D0%9F%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mail.privatbankinfo.com/
Redirect Chain

http://mail.privatbankinfo.com/
https://mail.privatbankinfo.com/

86 KB
19 KB

1629ms
860ms

Document
text/html

91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed / PHP/7.4.30
Resource Hash: f9e1f55311eb3492fb10f2133144b2c15977f8c8ef5eadaa30c25ec63f00e087

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=15552000
content-encoding: gzip
content-length: 19075
content-type: text/html; charset=UTF-8
date: Fri, 15 Jul 2022 15:29:13 GMT
expires: Wed, 11 Jan 2023 15:29:13 GMT
last-modified: Sat, 05 Sep 2020 20:00:29 GMT
server: LiteSpeed
vary: Accept-Encoding, Cookie,User-Agent
x-powered-by: PHP/7.4.30

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=15552000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Jul 2022 15:29:11 GMT
expires: Wed, 11 Jan 2023 15:29:11 GMT
location: https://mail.privatbankinfo.com/
server: LiteSpeed
vary: Accept-Encoding, Cookie,User-Agent
x-powered-by: PHP/7.4.30
x-redirect-by: WordPress

GET
H2 200 style-front.min.css
privatbankinfo.com/wp-content/plugins/art-decoration-shortcode/assets/css/ 14 KB
3 KB 248ms
246ms Stylesheet
text/css 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privatbankinfo.com/wp-content/plugins/art-decoration-shortcode/assets/css/style-front.min.css
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: 7f5ef32b830dfb74725c9ab1d72555cd71ff48e3eed14a467ca14b1bf992f461

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 10:48:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 2875
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 45ms
24ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fac8d2c12bd4f54331fd14071ae8b9858069205044dca960a76bc499bdcba14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 15:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 15 Jul 2022 15:29:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jul 2022 15:29:13 GMT

GET
H2 200 style.min.css
privatbankinfo.com/wp-content/themes/reboot/assets/css/ 219 KB
36 KB 124ms
123ms Stylesheet
text/css 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privatbankinfo.com/wp-content/themes/reboot/assets/css/style.min.css
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: c85c806c76ad2bc2b631967fb58e4b3050462615a0e866df5d0aee78a0090cb0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 13:43:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 37151
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 style.css
privatbankinfo.com/wp-content/themes/reboot_child/ 287 B
351 B 246ms
245ms Stylesheet
text/css 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privatbankinfo.com/wp-content/themes/reboot_child/style.css
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: 5c260d6fe9022fb9e522a9a8f07117865a394e0c86337ed847c23f3c211e0ec6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
last-modified: Tue, 08 Mar 2022 18:23:24 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 287
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 jquery.min.js Show response
privatbankinfo.com/wp-includes/js/jquery/ 87 KB
30 KB 247ms
247ms Script
application/javascript 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privatbankinfo.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 15:41:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 30273
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
privatbankinfo.com/wp-includes/js/jquery/ 11 KB
4 KB 248ms
246ms Script
application/javascript 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privatbankinfo.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Sat, 06 Feb 2021 11:16:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 3995
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET wpshop-core.ttf
privatbankinfo.com/wp-content/themes/reboot/assets/fonts/ 0
0

GET
H2 200 all.min.css
mail.privatbankinfo.com/wp-content/themes/privatbankinfo/css/ 49 KB
10 KB 247ms
246ms Stylesheet
text/css 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.privatbankinfo.com/wp-content/themes/privatbankinfo/css/all.min.css
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: 4e9719e71f79fce40e45936bb79ca9bcccd31ea6cef1e06651697c6d7c7d93b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 10:48:28 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 10611
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 62ms
34ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-176586509-1

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0f1bc2ff026c21892baf65ea8964f8b65ff9d6d3f448962e01bbaadf1a0a6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40293
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jul 2022 15:29:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 82ms
55ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84487a6a60d341b50c5aa54a8f8251bf890cdc580a61001b78ff2fedbe4d5ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56525
x-xss-protection: 0
server: cafe
etag: 5725600154087582388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Jul 2022 15:29:13 GMT

GET
H2 200 L5.TffKF.js Show response
rbtwo.bid/pjs/ 35 KB
10 KB 439ms
387ms Script
application/javascript 2606:4700:3034::6815:602c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbtwo.bid/pjs/L5.TffKF.js

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:602c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fb36ddbb6034aae8d60ad7492a6d476cbfa6bf3fd5c6916f1579e172987670

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:03:12 GMT
server: cloudflare
etag: W/"61f12a70-8bde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhFsQZm07wSezP7eHsltidZuZeytjaE5onVw7Ng3rohwTF%2FUW2eVnyMYUXqjF8KzHQ9GePNTPc6FYgG8coJa015XTqkUjd6yyKxdCB71EtVgO4mKHwEsJWqFFjttGv7Ggzw0t%2FNyOjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400, must_revalidate
cf-ray: 72b3884c7aa1191b-EWR
expires: Fri, 15 Jul 2022 15:39:13 GMT

GET
H2 200 logo.png
privatbankinfo.com/wp-content/uploads/2022/03/ 979 B
1 KB 125ms
122ms Image
image/png 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://privatbankinfo.com/wp-content/uploads/2022/03/logo.png
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: 848f87ba3c851dfd865cd544e78f72ba551afc24a38395b64446b5766114fab3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
last-modified: Tue, 08 Mar 2022 18:37:36 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 979
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H3 200 logoFooter.png
mail.privatbankinfo.com/wp-content/themes/privatbankinfo/img/ 1 KB
2 KB 128ms
126ms Image
image/png 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.privatbankinfo.com/wp-content/themes/privatbankinfo/img/logoFooter.png
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: 1a6a89bbcba15df994ad4c5691a0582dc9f1c843ff47d0b950770e174ce4e10d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
last-modified: Wed, 26 Aug 2020 10:48:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=15552000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1348
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 scripts.min.js Show response
privatbankinfo.com/wp-content/themes/reboot/assets/js/ 51 KB
9 KB 123ms
122ms Script
application/javascript 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privatbankinfo.com/wp-content/themes/reboot/assets/js/scripts.min.js
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: b9fbf62e3358151ff3aea4468c99c5118c76969b19967c24571a6800e04139c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Mar 2022 18:20:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 9140
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 lazyload.min.js Show response
privatbankinfo.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 125ms
123ms Script
application/javascript 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privatbankinfo.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 15:33:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 2570
expires: Wed, 11 Jan 2023 15:29:13 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 465ms
230ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

beef5c65c6c20fd29fe51ffbddb1657a1cdbc806b7146f94e6cee2b96e3c9f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: br
last-modified: Fri, 15 Jul 2022 10:26:10 GMT
etag: "62d11692-1182c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71724
expires: Fri, 15 Jul 2022 16:29:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 25ms
5ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.privatbankinfo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 02:13:30 GMT
x-content-type-options: nosniff
age: 306943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 02:13:30 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 6ms
4ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.privatbankinfo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 18273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jul 2023 10:24:40 GMT

GET Perevod-deneg-s-telefona-na-kartu-768x512.jpg
privatbankinfo.com/wp-content/uploads/2019/02/ 0
0

GET Perevod-deneg-s-telefona-768x512.jpg
privatbankinfo.com/wp-content/uploads/2019/02/ 0
0

GET c3a0397f5546a9b353e4ad09e2aaee1a-768x510.jpg
privatbankinfo.com/wp-content/uploads/2017/11/ 0
0

GET zaregistrirovatsya-v-privat24-1-min.jpg
privatbankinfo.com/wp-content/uploads/2019/04/ 0
0

GET binbakn-1-min.jpg
privatbankinfo.com/wp-content/uploads/2019/04/ 0
0

GET privat-arhiv.png
privatbankinfo.com/wp-content/uploads/2019/04/ 0
0

GET kak-otkryt-schet-v-privatbanke-4.png
privatbankinfo.com/wp-content/uploads/2019/04/ 0
0

GET karti-privat.png
privatbankinfo.com/wp-content/uploads/2019/04/ 0
0

GET avtostrahovaniya-privatbanka-2.jpg
privatbankinfo.com/wp-content/uploads/2019/04/ 0
0

GET kak-popolnit-dikij-sad-1.png
privatbankinfo.com/wp-content/uploads/2019/04/ 0
0

GET plastikovaja_karta.jpeg
privatbankinfo.com/wp-content/uploads/2017/01/ 0
0

GET 820.jpg
privatbankinfo.com/wp-content/uploads/2019/02/ 0
0

GET 3-kard-1-257x300.png
privatbankinfo.com/wp-content/uploads/2017/03/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 24ms
4ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176586509-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3821
date: Fri, 15 Jul 2022 14:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 15 Jul 2022 16:25:32 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 340 KB
120 KB 52ms
40ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ebba83bd0d0be452489b32dec335add9d7a5762be5eba339567952d3554a7d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122479
x-xss-protection: 0
server: cafe
etag: 2603198260484668425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Jul 2022 15:29:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 618D 10 KB
5 KB 48ms
18ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.privatbankinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 20:31:58 GMT
etag: 10429905676100781186
expires: Thu, 28 Jul 2022 20:31:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET wpshop-core.woff
privatbankinfo.com/wp-content/themes/reboot/assets/fonts/ 0
0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 40ms
23ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=51806553&t=pageview&_s=1&dl=https%3A%2F%2Fmail.privatbankinfo.com%2F&ul=en-us&de=UTF-8&dt=PrivatBankinfo%20%E2%80%93%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20%D0%9F%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1212017593&gjid=1879880053&cid=886316297.1657898954&tid=UA-176586509-1&_gid=462845026.1657898954&_r=1&gtm=2ou7d0&z=1644179238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.privatbankinfo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.privatbankinfo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
466 B 26ms
25ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mail.privatbankinfo.com&callback=_gfp_s_&client=ca-pub-1688761798392750&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b54e10adc1aa4e09ed78c775baf22bed8938afd0c3ae28ea428880c34dbb1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
22ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mail.privatbankinfo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2B1 37 KB
13 KB 193ms
177ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&adk=1812271804&adf=3025194257&lmt=1599336029&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953796&bpp=3&bdt=587&idt=156&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3929767109103&frm=20&pv=2&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98e4974203b4aed62f7ce9ed892732b77a962352ff3842419a14cd47e0c9ce9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.privatbankinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13285
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 15:29:14 GMT
expires: Fri, 15 Jul 2022 15:29:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E41E 22 KB
9 KB 154ms
153ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=280&slotname=1595712220&adk=3890796720&adf=3605483563&pi=t.ma~as.1595712220&w=730&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953799&bpp=3&bdt=590&idt=210&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7EFufAQqGu&p=https%3A//mail.privatbankinfo.com&dtd=219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cdaf76b1c86c280cb7f8d2524de3b0d32399d792931a552c84da54b8452720d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.privatbankinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9467
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 15:29:14 GMT
expires: Fri, 15 Jul 2022 15:29:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F88 22 KB
9 KB 252ms
247ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=600&slotname=4726994791&adk=1037433852&adf=2867846401&pi=t.ma~as.4726994791&w=300&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953802&bpp=1&bdt=593&idt=226&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A0fUGlJUz2&p=https%3A//mail.privatbankinfo.com&dtd=234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b428de8051daf9c982c1c7321f297d0fe6fb3ccba3b7184c97be9a82b0e8c330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.privatbankinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9467
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 15:29:14 GMT
expires: Fri, 15 Jul 2022 15:29:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sL5.TffKF.js Show response
mail.privatbankinfo.com/ 47 B
136 B 159ms
151ms XHR
application/javascript 91.239.234.70
HOSTPRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.privatbankinfo.com/sL5.TffKF.js
Requested by: Host: rbtwo.bid
URL: https://rbtwo.bid/pjs/L5.TffKF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.239.234.70 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS: rocket-cp1.hostsila.org
Software: LiteSpeed /
Resource Hash: e4f84133a197f05fd9fac8261d6b2e9801881384c6dc5bc495cb6b0d243bdbd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Sun, 14 Feb 2021 09:43:18 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=15552000
accept-ranges: bytes
content-length: 47
expires: Wed, 11 Jan 2023 15:29:14 GMT

GET
H3 200 cookie Show response
rbtwo.bid/ 2 B
567 B 415ms
369ms XHR
application/json 2606:4700:3034::6815:602c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbtwo.bid/cookie?sub_u=1

Requested by

Host: rbtwo.bid
URL: https://rbtwo.bid/pjs/L5.TffKF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:602c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv80d36hecQNsaV0UL5vTnUD8yI%2FS8GnOlXWns5Nn%2Bt2w0%2B4EWflt5hWgOC8d%2FEFjkgzKfsOSfKZQm%2BSjVr7OTYUNfKZnaiJiLMY7HSg0AKqbm6eTn1q96nBRrXNbP8Nzq7yghLd%2FZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://mail.privatbankinfo.com
access-control-allow-credentials: true
cf-ray: 72b3884f4add5772-IAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E41E 3 KB
1 KB 66ms
15ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=280&slotname=1595712220&adk=3890796720&adf=3605483563&pi=t.ma~as.1595712220&w=730&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953799&bpp=3&bdt=590&idt=210&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7EFufAQqGu&p=https%3A//mail.privatbankinfo.com&dtd=219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 15:24:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E41E 138 KB
43 KB 81ms
30ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 15:29:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E41E 17 KB
8 KB 60ms
10ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 15:18:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E41E 0
0 43ms
38ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRXi6yofRYoeAA8COoPMP-ZeckAmcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgS-AU_QH9-nCvyxOJSiV30CUmmgBaxOfGj1VvPIflZH_Y0Tyg0B_JgBdD5IJKIaP5afbM1mHv6R344YJoqlvkZhu99_uVSUvFcq3ina112gvtsidvLWmIOCShvz0oK8eOaxjIUfzv6DE3w5zAhjoo1PzLvVF-BSJ98u_ss6SpMf5H9ux_5q6S5QMmqau2Vzd6hDyhKAtBaIhcR20lIGlyLnBAyp7C0Bbdp4mO0Bszsl2aaTezlqE9qNKZC0uaZRwYmABuq9sLSfrP6KRqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE2ODg3NjE3OTgzOTI3NTAYAA&sigh=TpmU2nVtL8g&uach_m=[UACH]&cid=CAQSGwCNIrLMLtuwqz1c_YFhSGp_phZv6qmQX0L0WhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=280&slotname=1595712220&adk=3890796720&adf=3605483563&pi=t.ma~as.1595712220&w=730&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953799&bpp=3&bdt=590&idt=210&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7EFufAQqGu&p=https%3A//mail.privatbankinfo.com&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 15 Jul 2022 15:29:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:29:14 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame E41E 0
0 193ms
147ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kPC1E836RNoFmALiIp0XAgAAAL_0PQDZ76REEMmH0WLMbe5xqts3eyICnQASAAA&wp=YtGHygAAwAcIaAdAAAcL-cXJQutVOo7rpNfKZQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 179657
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 583A 119 KB
43 KB 121ms
76ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAAwAcIaAdAAAcL-cXJQutVOo7rpNfKZQ&u=%7CbDDjtIZ2LrblvIVQ1rM8wDEuFJ%2BtRmeKN7CdFtkVz8w%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qR-Cs-DfsJXjpDC1WKAcKdGH2EvNTCtoQERYKefXVBL08vfvHzYB9wPCg_D1SzuCdCsQkAmOxSwYP6zHK_lX0e2N5mSdbTjEP3eAUf23XX_BG4BS9YaSIXMPNVjkFUA00iG9nr2nGYZH9J9WQRf_r1YLqGdZVrQfGzwJMuLhNMKf3mE4m-nk5DP_rfMRPcx0DdyJz7ILRWhD8T7VJojObvoqFalOKmikCJkO_x3NV7zCr16Yutnq28VEaG2P9_VVdohXUdBqO0cXUBGQMB6P8Og3bV7KZZ-gXfeFB-X1MuE8vA1mYAcgWQwMWZvVSkNTGs44fvwiKcKY3RoTSKZ8NWV4iu-qlOu-tTIrVlxcKZE5NPFjTye4QYdYQKhLQ0GHrFmPyKFFivtsxFAkh5mFj8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-PIfyofRYoeAA8COoPMP-ZeckAmcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgTBAU_QH9-nCvyxOJSiV30CUmmgBaxOfGj1VvPIflZH_Y0Tyg0B_JgBdD5IJKIaP5afbM1mHv6R344YJoqlvkZhu99_uVSUvFcq3ina112gvtsidvLWmIOCShvz0oK8eOaxjIUfzv6DE3w5zAhjoo1PzLvVF-BSJ98u_ss6SpMf5H9ux_5q6S5QMmqau2Vzd6hDyhKAtBaIhcR20hAEt7BM9oWpL6Rs4TECES62jxMs975X4MoQmhMzN7ysEHDAwUrUZymABuq9sLSfrP6KRqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1P6wIn6PRs9SK1BgNjuDTrHTtJXw%26client%3Dca-pub-1688761798392750%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a801e2e6a45a07bf72c1912fe023a57edbd163de24243e8594990d33fb2bca21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 15:29:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=pLvK1EqGlvnxRU7C1id0maPuUpvg75Jg77bq6z__JbHejIjZqm70IBiKPLDAMA-n95zL5x4mzOCLETaEQcs4hby0rTq7G5HkmI6dRNA7o1ZV3JPUUGOASTT6uEMT4Ltrjs5bCVTcJ7LAml8Rscjwk0KkPbo8IcHHTCalTAtq9V8of7fdREvOeg9f0xb9MHcY3Q7Nmeu0InrOT0auyYghvLnGSkXwQPhXnbJIdF-AY_IdnADnhbaaJMrVtmjwnSQlRE78zu3Y_DznVy1V"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 62456507
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 149 KB
53 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/reactive_library_fy2019.js?bust=31068381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d39d8d7027864376cbdb37d1ea6bbd1bece665e56da47cd6a3b5df6b784f6537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54368
x-xss-protection: 0
server: cafe
etag: 17834691681939103535
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Jul 2022 15:29:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
27ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-1688761798392750&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9700.nrSQHg9X6sR7kpACtvXmBvyau9TGlQDrq6eHpkUmI6W_BgUaWo_Xk8Zo-ZD7cDYZ.DopiZrJMRI-_BpZVOuvlYr--1LI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9700.__LS_WbsdJgX25bfbK-SVt24p_40RKs8ATyQkGJoqhaaGZZLdWN4C3AFZ_sw_nd-VZULnT1SVf8JAZiWdiUSJQ%2C%2C.g9rxHfTf39KaHkesREOcDMEi7h0%2C

75 B
75 B

116ms
116ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9700.__LS_WbsdJgX25bfbK-SVt24p_40RKs8ATyQkGJoqhaaGZZLdWN4C3AFZ_sw_nd-VZULnT1SVf8JAZiWdiUSJQ%2C%2C.g9rxHfTf39KaHkesREOcDMEi7h0%2C

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9700.__LS_WbsdJgX25bfbK-SVt24p_40RKs8ATyQkGJoqhaaGZZLdWN4C3AFZ_sw_nd-VZULnT1SVf8JAZiWdiUSJQ%2C%2C.g9rxHfTf39KaHkesREOcDMEi7h0%2C
date: Fri, 15 Jul 2022 15:29:14 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 111ms
110ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Fri, 15 Jul 2022 10:26:10 GMT
etag: "62d11692-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 15 Jul 2022 16:29:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 1F88 3 KB
1 KB 28ms
7ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=600&slotname=4726994791&adk=1037433852&adf=2867846401&pi=t.ma~as.4726994791&w=300&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953802&bpp=1&bdt=593&idt=226&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A0fUGlJUz2&p=https%3A//mail.privatbankinfo.com&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 15:24:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F88 138 KB
42 KB 57ms
41ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 15:29:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 1F88 17 KB
7 KB 29ms
9ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 15:18:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 25ms
25ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-1688761798392750&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
25ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mail.privatbankinfo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/ Frame 970A 10 KB
4 KB 14ms
8ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.privatbankinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 66405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 21:02:29 GMT
etag: 10429905676100781186
expires: Thu, 28 Jul 2022 21:02:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 583A 2 KB
1 KB 40ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAAwAcIaAdAAAcL-cXJQutVOo7rpNfKZQ&u=%7CbDDjtIZ2LrblvIVQ1rM8wDEuFJ%2BtRmeKN7CdFtkVz8w%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qR-Cs-DfsJXjpDC1WKAcKdGH2EvNTCtoQERYKefXVBL08vfvHzYB9wPCg_D1SzuCdCsQkAmOxSwYP6zHK_lX0e2N5mSdbTjEP3eAUf23XX_BG4BS9YaSIXMPNVjkFUA00iG9nr2nGYZH9J9WQRf_r1YLqGdZVrQfGzwJMuLhNMKf3mE4m-nk5DP_rfMRPcx0DdyJz7ILRWhD8T7VJojObvoqFalOKmikCJkO_x3NV7zCr16Yutnq28VEaG2P9_VVdohXUdBqO0cXUBGQMB6P8Og3bV7KZZ-gXfeFB-X1MuE8vA1mYAcgWQwMWZvVSkNTGs44fvwiKcKY3RoTSKZ8NWV4iu-qlOu-tTIrVlxcKZE5NPFjTye4QYdYQKhLQ0GHrFmPyKFFivtsxFAkh5mFj8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-PIfyofRYoeAA8COoPMP-ZeckAmcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgTBAU_QH9-nCvyxOJSiV30CUmmgBaxOfGj1VvPIflZH_Y0Tyg0B_JgBdD5IJKIaP5afbM1mHv6R344YJoqlvkZhu99_uVSUvFcq3ina112gvtsidvLWmIOCShvz0oK8eOaxjIUfzv6DE3w5zAhjoo1PzLvVF-BSJ98u_ss6SpMf5H9ux_5q6S5QMmqau2Vzd6hDyhKAtBaIhcR20hAEt7BM9oWpL6Rs4TECES62jxMs975X4MoQmhMzN7ysEHDAwUrUZymABuq9sLSfrP6KRqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1P6wIn6PRs9SK1BgNjuDTrHTtJXw%26client%3Dca-pub-1688761798392750%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 583A 2 KB
1 KB 41ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 583A 308 B
636 B 23ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 583A 293 B
621 B 21ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 583A 43 B
348 B 65ms
18ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=XI8PxHm44W8GqITV2MjljHs71DYQYbSmbeSuBdWjCqPZSwYyi-okhhuvn_kZAwcqKJCw35_9Ru7i4V_Py8Th3lEw2nicf7yHwxQZIMB88OaoqrTj9Gdlk9A8TE1OiCXaSkRung4plj62LMOZrq1oo9DSENyUTcCIDVXZHd-WvEHI4kEp2M5rnC9aKo-oHSgrUviBSuvBe9vQG8OMi7WMbwNy4pZX2L47mZGz8rrbZ7ydW1GfbRqgefGJcNokynWFuj9yN8Hhr7K8_tlz5lDepZKlBKNXiqnEqGnsLzBAnPERY_QGvfMcTeDFYXONhjbgP86bE9pxt0BKx1DccWBpMp7SrIbWga6erLZ0n7dq2v0sdex_z6lUIl8ugr2CRNhirRcoC8ipqDtrSkF1aw8UmARgkqo7nNwZTGv5su81inZwwn0UUcc6GxWU0J33f7NpyuYdxQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:14 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3428745
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F88 0
0 38ms
35ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjHzwyofRYu7tA8aUoPMP2oaXyA-cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTY4ODc2MTc5ODM5Mjc1MKABrN3-6APIAQmoAwGqBL4BT9C1MPYV7EFZPBB9H4mEHRmx6z9S5tkaLt9wL3BNvYHMxpR9A_Gva3dPjNSXo6rAznj8cuiNW7Lj03P2uRVwqTfVVKaq8i_cBrp9ZkcVsrmjnFVm47k1vGv2M86Ao4-CHhnUNEKPYXTX6OO4Go0d0glc4dcaItXVv1sPexNQ8Ua3jp9OcRDp_-m5czzkCCH_QpdyIGd2n_aYh8pqy9XrKRFgBppi5jmPhPSugcSZ3ohSWLE2hNt-DIVOYP-GaYAGus7LpffBvK0doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTY4ODc2MTc5ODM5Mjc1MBgA&sigh=GGe5sSvJ55A&uach_m=[UACH]&cid=CAQSGwCNIrLMogrWpCLUfemwmelbtaGZvbxgShQtxxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=600&slotname=4726994791&adk=1037433852&adf=2867846401&pi=t.ma~as.4726994791&w=300&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953802&bpp=1&bdt=593&idt=226&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A0fUGlJUz2&p=https%3A//mail.privatbankinfo.com&dtd=234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 15 Jul 2022 15:29:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 1F88 0
0 14ms
10ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOK0C9aCMKwC2ATiIp0XAgAAAIFGHVXslfQNEMmH0WIwLQ5LSQaN68timAASAAA&wp=YtGHygAA9u4IaApGAAXDWgZ5vbEBbsDzXLSoRw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 176232
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 314E 66 KB
24 KB 32ms
29ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAA9u4IaApGAAXDWgZ5vbEBbsDzXLSoRw&u=%7CbDDjtIZ2LrZ3ZEN4Ybo6aEjuen0veoAI1F2EqFZaDow%3D%7C&c1=SMhbYeryLxlrMxzU2Hi05WDndzPbI8Os29EPfbAT-5UfG97k5hZBSFMFTqDRfMI5cY3fDL3d-XxmuuUp2lqikH6423Gaow4Wzcpmpl-9padg7kbJN-q_jv6oX5pjqnBktzpsjlRRpRXHqhnAOJWglxYDizZ0Wb9VQiB9fQcgJo0OI6RSCWMd0wqhP0eHMBapbImpOICRQMPgb2D6oG66SrCv0h6ZdbF4YpzkunByv5ZAzAsGCsEHUIkcci4Kv1fkxzWkdlXW6U-wJlkwOptWCAXb6-vgMzMMuINrGN4KKQNJn-CIc2ag9uP3oIRRamn87_LhyCSLhhvHxkjxImq2HsEWy6Y5ZTSWnRn0IRU6yEcquYgwpX0WRRrezz_7dRBj7F946eQGv9nFzKZXgmdwK_y0LlB9seRne4EZSTOj_QMih355o3jD1ovX_CKXQS90BJopUMrMczKVZQcLVsSWApWt5rD1WkVk99CR88NFh_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVne-yofRYu7tA8aUoPMP2oaXyA-cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTY4ODc2MTc5ODM5Mjc1MKABrN3-6APIAQmoAwGqBMEBT9C1MPYV7EFZPBB9H4mEHRmx6z9S5tkaLt9wL3BNvYHMxpR9A_Gva3dPjNSXo6rAznj8cuiNW7Lj03P2uRVwqTfVVKaq8i_cBrp9ZkcVsrmjnFVm47k1vGv2M86Ao4-CHhnUNEKPYXTX6OO4Go0d0glc4dcaItXVv1sPexNQ8Ua3jp9OcRDp_-m5czzkCCH_QpdyIGd2n_aYxchKWX4ZoBGjj_fuDUMGR0OSqc23xkzJq8u_TWVgIJ3ntm6Gqg85RIAGus7LpffBvK0doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pDY_QIDSxaQMfTe7PXXYeD7iFcw%26client%3Dca-pub-1688761798392750%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

dd92907e8a1c3306eaf7c6064f68f313d49fa010aa58e1d215e0db7bf0dae131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 15:29:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=uSDMukqGlvnxRU7CRU-Y2P9uaFj-YGa17DKQ3EXj4f1VOO-5x_hkz6_WMCM4K04bQKo-JRJ1aTCsMcyxXErWfhgP9vnjCXmXtbqdeNxddcF42mjsaAFTJrqEYGc4j8Ny6hbT_Nc1o_CAOnL8oc93Xoa6hpTzXn6wjuR4ZXz7zSGcdkr79SjMrKo1P86xtPIBx64qfMK8gs5h7pkH75g4XvXS0rqNLMan11uvRRHgTEDH9eBTUMYZvKBCjS__kkugPlBhMVI74eet4xkr"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 14413923
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame E41E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fde7fff48cbb538311299e2c0e52572bebd649e96c8f3db390ec3e16a8b277c5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 583A 12 KB
5 KB 46ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2478567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5opfxKzscK7HpMMcu7FYWRXo9NdUdl3xs6aJEvZrQSPL%2BhR961hDM7rSAUnmR88oIQ5Yus66TtiYDpDaMGpvPFMYrj8fAo4rMApXMkz9kPrNld8vt3ULeOhucrV%2F2FLuYqA9MOkTva%2B%2F0Ctk5nhBjLrL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72b38851fb908c69-EWR
expires: Wed, 05 Jul 2023 15:29:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 583A 12 KB
6 KB 13ms
12ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 80507424a411483faedc735e69c2852f_geomanist-regular.woff
static.criteo.net/design/dt/ Frame 583A 21 KB
21 KB 69ms
23ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/80507424a411483faedc735e69c2852f_geomanist-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

553bded3ff0bf474130a082d75a0c4d066c853914433557d593dc992d9d51fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Sat, 03 Nov 2018 17:36:51 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bdddcb3-5488"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 b57e4fccc721420c922d322fe7c764b8_geomanist-bold.woff
static.criteo.net/design/dt/ Frame 583A 21 KB
21 KB 59ms
13ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b57e4fccc721420c922d322fe7c764b8_geomanist-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

e998c052a3d814d2983353e5c03daf0620ba9caa61d5677a9ae6de76b34f7721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Sat, 03 Nov 2018 17:36:51 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bdddcb3-52b0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 583A 8 KB
8 KB 57ms
11ms Image
image/png 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=96246&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F96246%2F220519%2F2e80e139ca66464988ecb967ddc7368f_truewerk_logo.png&v=3&w=196&s=CjONg2HBmhzCK66Gr12Xr509

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

eecb367bb48813253613e806accefef9692fc6486febc963dc0c424bd0553105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=26185452
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8236
expires: Sun, 14 May 2023 17:13:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 583A 24 KB
24 KB 59ms
15ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96246&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0888%2F4876%2Fproducts%2FTruewerk-T2-MensWerkPant-WolfGrey.jpg%3Fv%3D1656466362&v=3&w=800&s=g2YmxoG1TM0PvhFjh0s98CHI&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc427ae76c8c2d4247ca74e3259b6b4ae7284e117d9bf12666dd9ee6723a5e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30201653
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24658
expires: Fri, 30 Jun 2023 04:50:07 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 583A 0
128 B 42ms
11ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=pLvK1EqGlvnxRU7C1id0maPuUpvg75Jg77bq6z__JbHejIjZqm70IBiKPLDAMA-n95zL5x4mzOCLETaEQcs4hby0rTq7G5HkmI6dRNA7o1ZV3JPUUGOASTT6uEMT4Ltrjs5bCVTcJ7LAml8Rscjwk0KkPbo8IcHHTCalTAtq9V8of7fdREvOeg9f0xb9MHcY3Q7Nmeu0InrOT0auyYghvLnGSkXwQPhXnbJIdF-AY_IdnADnhbaaJMrVtmjwnSQlRE78zu3Y_DznVy1V&sds=2&rev=82042.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 583A 2 KB
1 KB 16ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 583A 2 KB
1 KB 14ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 970A 0
0 32ms
30ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBQwfyofRYrDmAd2KoPMP8M6L8Amcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgS_AU_QAs39FWnpPbqDdIPm4RnnL6YV7eBsclyuIhEmFoE0Qp4Z_IB5K2Vh3CzZ6pbzmMlWjaeuJgglWgajiP_5XmIqtWvyedx8ueLa2Xd6lWjrSYq7E9KKdEbHs9k_GxLZjQNoxv53gjEl7QdN5cDcSqYuDMaaC3xAjSAVuSfNLgK571RLv4AYtpXflhB8reLs7PZ4CsD3t0DNQods91-W6N5by3MQDbiQ-psX6LIgj_gGttrrROASWOY5g2m5ZUxjgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNjg4NzYxNzk4MzkyNzUwGAA&sigh=IvtwyYhYfHw&uach_m=[UACH]&cid=CAQSGwCNIrLMqpPOydy9xacpJ-ZcJZisGAr7svSi8hgB

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 15 Jul 2022 15:29:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 970A 0
0 12ms
11ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kPC1E836RO0HfOIinRcCAAAABbWkyP0tzFUQyYfRYqn2ql2CXeRt3Cc3ABIAAA&wp=YtGHygAAczAIaAVdAALncHJEjETQqhDobW20dQ

Requested by

Host: mail.privatbankinfo.com
URL: https://mail.privatbankinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 214347
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 4A69 124 KB
43 KB 66ms
64ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAAczAIaAVdAALncHJEjETQqhDobW20dQ&u=%7CbDDjtIZ2LrY078JigBlgvCohfiS%2FBxI4EulheUSDgtI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qR-Cs-DfsJX8OWSjtPyWLdn-sd3OoHPuWcJM-_CyaxYchj0-ec8wcj5umEdV1yWIvTec3jP6wSyDluZCGFtCWJ84APreq-B1NYHpSD-VSG4q-KAfBV5vF51bRxgCxKaFJXPl71WJNTB-8lLhfUnSR_ak5ZqgdgYJIxpvWw3rjAx9GFbGa-xenc5VUrIZ4wITv_IvyebTiPKxuE4lkWrCbCXyy6zgYLEfII94X5iS5KxKnBnfLW3FoTpaIRMBs3A7e_14ZIK1kfdOMhcSXpc4Yrr0t6ohLkmLX0L8hvz18sLaGkXQPXyw7Wja28xOaRv-dnVOS16WoVKBnHv49oEeZDTkBd0hb45qG22oWE9Yc7VheH5vuH-SEYEjwatYP0pBh6as89WeEyG3xIGllKZuSxxPxVt5TspbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNnzayofRYrDmAd2KoPMP8M6L8Amcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgTCAU_QAs39FWnpPbqDdIPm4RnnL6YV7eBsclyuIhEmFoE0Qp4Z_IB5K2Vh3CzZ6pbzmMlWjaeuJgglWgajiP_5XmIqtWvyedx8ueLa2Xd6lWjrSYq7E9KKdEbHs9k_GxLZjQNoxv53gjEl7QdN5cDcSqYuDMaaC3xAjSAVuSfNLgK571RLv4AYtpXflhB8reLs7PZ4CsD3t0DNQocu9X8EQyzSy7CZYDR7gBLUX44IhtYeckEYPmnb5vgVm8Bv9EygJJ4wgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1uzUS5XcrCQWXVQylbsNuJYuekiQ%26client%3Dca-pub-1688761798392750%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3f6a9d899552d8d11a5287000ee3b88291acd0d6bea3d9b9d7356237ce23c25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 15:29:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=xYLr5EqGlvnxRU7CqMspCXP_xOJPX9-qxpS5fufTerxWzKuTtLH64NfdkFJrtjV5eIHih44xxoWjvNkuEzf0qVDGiyCG2XiifWhk5ABQ-1ySIhFYxXRybiHE1SJqIw54K8LZso3R10b4ZKAA8-g9FFpOF-hpDsf3iyGJEOo6TmRY7qvhluifVBc9EdPK6c_Km1gR3p8YVa67U45B032ud-wQF13QWQKxJKhVByC5AjQhoxTBhwTJi0h0N-1PNqApSkRWx3gWQ6THVjhK"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53304748
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 970A 3 KB
1 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 15:24:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 970A 138 KB
42 KB 40ms
38ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 15:29:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 970A 17 KB
7 KB 13ms
11ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 15:18:57 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 314E 2 KB
1 KB 15ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAA9u4IaApGAAXDWgZ5vbEBbsDzXLSoRw&u=%7CbDDjtIZ2LrZ3ZEN4Ybo6aEjuen0veoAI1F2EqFZaDow%3D%7C&c1=SMhbYeryLxlrMxzU2Hi05WDndzPbI8Os29EPfbAT-5UfG97k5hZBSFMFTqDRfMI5cY3fDL3d-XxmuuUp2lqikH6423Gaow4Wzcpmpl-9padg7kbJN-q_jv6oX5pjqnBktzpsjlRRpRXHqhnAOJWglxYDizZ0Wb9VQiB9fQcgJo0OI6RSCWMd0wqhP0eHMBapbImpOICRQMPgb2D6oG66SrCv0h6ZdbF4YpzkunByv5ZAzAsGCsEHUIkcci4Kv1fkxzWkdlXW6U-wJlkwOptWCAXb6-vgMzMMuINrGN4KKQNJn-CIc2ag9uP3oIRRamn87_LhyCSLhhvHxkjxImq2HsEWy6Y5ZTSWnRn0IRU6yEcquYgwpX0WRRrezz_7dRBj7F946eQGv9nFzKZXgmdwK_y0LlB9seRne4EZSTOj_QMih355o3jD1ovX_CKXQS90BJopUMrMczKVZQcLVsSWApWt5rD1WkVk99CR88NFh_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVne-yofRYu7tA8aUoPMP2oaXyA-cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTY4ODc2MTc5ODM5Mjc1MKABrN3-6APIAQmoAwGqBMEBT9C1MPYV7EFZPBB9H4mEHRmx6z9S5tkaLt9wL3BNvYHMxpR9A_Gva3dPjNSXo6rAznj8cuiNW7Lj03P2uRVwqTfVVKaq8i_cBrp9ZkcVsrmjnFVm47k1vGv2M86Ao4-CHhnUNEKPYXTX6OO4Go0d0glc4dcaItXVv1sPexNQ8Ua3jp9OcRDp_-m5czzkCCH_QpdyIGd2n_aYxchKWX4ZoBGjj_fuDUMGR0OSqc23xkzJq8u_TWVgIJ3ntm6Gqg85RIAGus7LpffBvK0doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pDY_QIDSxaQMfTe7PXXYeD7iFcw%26client%3Dca-pub-1688761798392750%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 314E 2 KB
1 KB 17ms
14ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 314E 308 B
636 B 24ms
21ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 314E 293 B
621 B 22ms
20ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 314E 43 B
347 B 17ms
14ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=A24JB8xMoBmYJPMpVRCr0Y6lTGhr-hUsAJkPSEyx76XebpZDtsMxraNpME-juhquRyTY_aabA_bNZQCJN9LmJYBmwu1s9lQIsYbj1_14FVJvYzWGOFnLTOT_ij7HC_Q7Z12ht4z4DoXYgfr6jlfc-hSvuU2ZtjKT7QY-8GXP_oolC9qyvF5_KJ_9zHRzxZlinKrveg3ICU1GPVBK2Wf_MUNgGy7RFC3mE2mfDWsGtIzNxwlSQGMBA_lNprv5ciAD0NVxx48GvFzCtVcjz9NKZSEF17Av63GkzxqWc7_hxLekq9HyTwLYWSqf-CMxyOp-ZlI3R8IDgd-W_LOFw8kzH6AZoeggiWRVzoecolM_b7xA1w15bKa3BApoKfx57Budwx_wY4qe13d6XvbE5ifWQ1qv4zRJ-0tYfVMGhCA181Nk8OWEBlGhIJu3ldgQdtTAhy3CwJ0zmMR70Oos5TMFkOVdjbU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:13 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2996625
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 09a4db39f5f24ed8b8a81f4e36d91be4_da9ffefeff15947298be0ef91ee2e470.png
static.criteo.net/design/dt/51260/201001/ Frame 314E 7 KB
7 KB 25ms
23ms Image
image/png 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/51260/201001/09a4db39f5f24ed8b8a81f4e36d91be4_da9ffefeff15947298be0ef91ee2e470.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

dd46a7779b4e9df68f5ce76a9dc35ce214daab4b0723077aafb3bc7843a7c617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Thu, 01 Oct 2020 19:47:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5f76323b-1adb"
strict-transport-security: max-age=31536000; preload;
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6875
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H3 403 css
fonts.googleapis.com/ Frame 314E 0
0 52ms
22ms Stylesheet
text/html 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Helvetica
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAA9u4IaApGAAXDWgZ5vbEBbsDzXLSoRw&u=%7CbDDjtIZ2LrZ3ZEN4Ybo6aEjuen0veoAI1F2EqFZaDow%3D%7C&c1=SMhbYeryLxlrMxzU2Hi05WDndzPbI8Os29EPfbAT-5UfG97k5hZBSFMFTqDRfMI5cY3fDL3d-XxmuuUp2lqikH6423Gaow4Wzcpmpl-9padg7kbJN-q_jv6oX5pjqnBktzpsjlRRpRXHqhnAOJWglxYDizZ0Wb9VQiB9fQcgJo0OI6RSCWMd0wqhP0eHMBapbImpOICRQMPgb2D6oG66SrCv0h6ZdbF4YpzkunByv5ZAzAsGCsEHUIkcci4Kv1fkxzWkdlXW6U-wJlkwOptWCAXb6-vgMzMMuINrGN4KKQNJn-CIc2ag9uP3oIRRamn87_LhyCSLhhvHxkjxImq2HsEWy6Y5ZTSWnRn0IRU6yEcquYgwpX0WRRrezz_7dRBj7F946eQGv9nFzKZXgmdwK_y0LlB9seRne4EZSTOj_QMih355o3jD1ovX_CKXQS90BJopUMrMczKVZQcLVsSWApWt5rD1WkVk99CR88NFh_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVne-yofRYu7tA8aUoPMP2oaXyA-cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTY4ODc2MTc5ODM5Mjc1MKABrN3-6APIAQmoAwGqBMEBT9C1MPYV7EFZPBB9H4mEHRmx6z9S5tkaLt9wL3BNvYHMxpR9A_Gva3dPjNSXo6rAznj8cuiNW7Lj03P2uRVwqTfVVKaq8i_cBrp9ZkcVsrmjnFVm47k1vGv2M86Ao4-CHhnUNEKPYXTX6OO4Go0d0glc4dcaItXVv1sPexNQ8Ua3jp9OcRDp_-m5czzkCCH_QpdyIGd2n_aYxchKWX4ZoBGjj_fuDUMGR0OSqc23xkzJq8u_TWVgIJ3ntm6Gqg85RIAGus7LpffBvK0doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pDY_QIDSxaQMfTe7PXXYeD7iFcw%26client%3Dca-pub-1688761798392750%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 zepto-studio-1.0.1.js Show response
static.criteo.net/zepto/ Frame 314E 28 KB
11 KB 25ms
21ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/zepto/zepto-studio-1.0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Wed, 21 Aug 2019 08:32:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5d5d018f-6f5d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
DATA 200
OK truncated
/ Frame 1F88 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 471ca8f1340392b2c5795bb626225d7ab1abacff67cfaf49c2d745bd43b9914c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 206 ae5f290bf3784dec9b2fdcfb53200908_0df297563e68d0b56b114a508d0486ee.mp4
static.criteo.net/design/dt/51260/201001/ Frame 314E 1 MB
1 MB 23ms
22ms Media
video/mp4 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/51260/201001/ae5f290bf3784dec9b2fdcfb53200908_0df297563e68d0b56b114a508d0486ee.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1515478519d2d4827cede94296a98f5326424dffab01e857f8be88e639a54f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Thu, 01 Oct 2020 19:47:07 GMT
server: nginx
access-control-allow-origin: *
cross-origin-embedder-policy: require-corp
etag: "5f76323b-136067"
strict-transport-security: max-age=31536000; preload;
content-type: video/mp4
Content-Range: bytes 0-1269862/1269863
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 1269863
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4A69 2 KB
1 KB 54ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YtGHygAAczAIaAVdAALncHJEjETQqhDobW20dQ&u=%7CbDDjtIZ2LrY078JigBlgvCohfiS%2FBxI4EulheUSDgtI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qR-Cs-DfsJX8OWSjtPyWLdn-sd3OoHPuWcJM-_CyaxYchj0-ec8wcj5umEdV1yWIvTec3jP6wSyDluZCGFtCWJ84APreq-B1NYHpSD-VSG4q-KAfBV5vF51bRxgCxKaFJXPl71WJNTB-8lLhfUnSR_ak5ZqgdgYJIxpvWw3rjAx9GFbGa-xenc5VUrIZ4wITv_IvyebTiPKxuE4lkWrCbCXyy6zgYLEfII94X5iS5KxKnBnfLW3FoTpaIRMBs3A7e_14ZIK1kfdOMhcSXpc4Yrr0t6ohLkmLX0L8hvz18sLaGkXQPXyw7Wja28xOaRv-dnVOS16WoVKBnHv49oEeZDTkBd0hb45qG22oWE9Yc7VheH5vuH-SEYEjwatYP0pBh6as89WeEyG3xIGllKZuSxxPxVt5TspbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNnzayofRYrDmAd2KoPMP8M6L8Amcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE2ODg3NjE3OTgzOTI3NTCgAazd_ugDyAEJqAMBqgTCAU_QAs39FWnpPbqDdIPm4RnnL6YV7eBsclyuIhEmFoE0Qp4Z_IB5K2Vh3CzZ6pbzmMlWjaeuJgglWgajiP_5XmIqtWvyedx8ueLa2Xd6lWjrSYq7E9KKdEbHs9k_GxLZjQNoxv53gjEl7QdN5cDcSqYuDMaaC3xAjSAVuSfNLgK571RLv4AYtpXflhB8reLs7PZ4CsD3t0DNQocu9X8EQyzSy7CZYDR7gBLUX44IhtYeckEYPmnb5vgVm8Bv9EygJJ4wgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1uzUS5XcrCQWXVQylbsNuJYuekiQ%26client%3Dca-pub-1688761798392750%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4A69 2 KB
1 KB 57ms
54ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4A69 308 B
636 B 58ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4A69 293 B
621 B 59ms
53ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 4A69 43 B
347 B 21ms
15ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=IpxjOy44ZOoTwHC3ACieSKSbH83aTVRwoUT-elWd9RRavjAYnRZG78S_pokzsViHjFECCXe42ICpaE-G9_cHWkGi-Jt0XoA1oECHrZAAAWZxwwmVWSC6JIBel8jg_-yCvH4Wfgbw7cazO04FzSnrGEPxeDbwCCeQAuxsBkg4iF8gJtDUfndo18t77gUjWdmIer5eiionCaL6yUVBVVJMZDOw40aAZ9QW7WKDVdkO4D2OWunRc-SkbyOleomBhAixwYeRIP74ZwePv2SKx9_xbVtF65ptVqa8ipAUaaaw_2hQ0QyXyS3KvzfnI7-U6WCnm1vp2I0TeHL1W6CJiYp__LNv2ld50yyLUnYwCP_nLmFOOz-JZ1Y3NlSKT8HViQvHpjvqzbiiJ6j3eFoBzPECs8bJZezcO0K_YnsnI6HaMfNoqbHpWc41kAqGVorwoLktKqbS7w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:14 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4394586
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4A69 12 KB
5 KB 41ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 239599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BT%2BI%2BlB5rKDTgGtueKu7ODhyUWaQpOf14huISfZtvx4kwnlft40ijqnuYAEH%2FsU46CYuDdUO9zwqTklAAGQ%2BDBwm6jkxaZv4BSVYBQ7ViKUgiftmkgQvCSdKLHUaVJTDR95c8yTGI75FmZClSBwCXB6O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72b38853df2b8cbd-EWR
expires: Wed, 05 Jul 2023 15:29:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4A69 12 KB
6 KB 54ms
53ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 80507424a411483faedc735e69c2852f_geomanist-regular.woff
static.criteo.net/design/dt/ Frame 4A69 21 KB
21 KB 15ms
15ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/80507424a411483faedc735e69c2852f_geomanist-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

553bded3ff0bf474130a082d75a0c4d066c853914433557d593dc992d9d51fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Sat, 03 Nov 2018 17:36:51 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bdddcb3-5488"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/66782326/
Redirect Chain

https://mc.yandex.com/watch/66782326?wmode=7&page-url=https%3A%2F%2Fmail.privatbankinfo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A3673%3Afu%3A0%3Aen%3...
https://mc.yandex.com/watch/66782326/1?wmode=7&page-url=https%3A%2F%2Fmail.privatbankinfo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A3673%3Afu%3A0%3Aen...

338 B
492 B

118ms
118ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66782326/1?wmode=7&page-url=https%3A%2F%2Fmail.privatbankinfo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A3673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A840%3Acn%3A1%3Adp%3A0%3Als%3A447440123723%3Ahid%3A82353655%3Az%3A0%3Ai%3A20220715152914%3Aet%3A1657898954%3Ac%3A1%3Arn%3A518157207%3Arqn%3A1%3Au%3A1657898954117661114%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657898949991%3Ads%3A0%2C768%2C860%2C122%2C1585%2C0%2C%2C435%2C3%2C%2C%2C%2C3771%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657898955%3At%3APrivatBankinfo%20%E2%80%93%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20%D0%9F%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

549f8a5b6c12b5ea2d93bc133e1bf737286512d53cf89a89105d64c683a95313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 15-Jul-2022 15:29:15 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mail.privatbankinfo.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Fri, 15-Jul-2022 15:29:15 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Fri, 15-Jul-2022 15:29:14 GMT
location: /watch/66782326/1?wmode=7&page-url=https%3A%2F%2Fmail.privatbankinfo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A3673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A840%3Acn%3A1%3Adp%3A0%3Als%3A447440123723%3Ahid%3A82353655%3Az%3A0%3Ai%3A20220715152914%3Aet%3A1657898954%3Ac%3A1%3Arn%3A518157207%3Arqn%3A1%3Au%3A1657898954117661114%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657898949991%3Ads%3A0%2C768%2C860%2C122%2C1585%2C0%2C%2C435%2C3%2C%2C%2C%2C3771%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657898955%3At%3APrivatBankinfo%20%E2%80%93%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20%D0%9F%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://mail.privatbankinfo.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 15-Jul-2022 15:29:14 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 4A69 8 KB
8 KB 20ms
14ms Image
image/png 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=244&m=0&partner=96246&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F96246%2F220519%2F2e80e139ca66464988ecb967ddc7368f_truewerk_logo.png&v=3&w=196&s=qC_fLvLd-JcXrgKY4YIX8tWW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

eecb367bb48813253613e806accefef9692fc6486febc963dc0c424bd0553105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=26185452
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8236
expires: Sun, 14 May 2023 17:13:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 4A69 27 KB
28 KB 22ms
16ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96246&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0888%2F4876%2Fproducts%2FTruewerk-Tech-Polo-Heathered-Olive-FRONT.jpg%3Fv%3D1647632344&v=3&w=800&s=a1NB2thcsraxVf_SM-m-B4Uz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5303479c9b08a983db835ad0b32230027cf48e5916ad1337eb53ee8568bfaefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29510781
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 28088
expires: Thu, 22 Jun 2023 04:55:36 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 4A69 0
127 B 16ms
11ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=xYLr5EqGlvnxRU7CqMspCXP_xOJPX9-qxpS5fufTerxWzKuTtLH64NfdkFJrtjV5eIHih44xxoWjvNkuEzf0qVDGiyCG2XiifWhk5ABQ-1ySIhFYxXRybiHE1SJqIw54K8LZso3R10b4ZKAA8-g9FFpOF-hpDsf3iyGJEOo6TmRY7qvhluifVBc9EdPK6c_Km1gR3p8YVa67U45B032ud-wQF13QWQKxJKhVByC5AjQhoxTBhwTJi0h0N-1PNqApSkRWx3gWQ6THVjhK&sds=2&rev=82042.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4A69 2 KB
1 KB 24ms
20ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4A69 2 KB
1 KB 26ms
23ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
DATA 200
OK truncated
/ Frame 970A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 894962d5f21da7cd1e567d2b4424837818916fbc1d7a7caa86b1a1ab5395ad7b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.us.criteo.net/ Frame 314E 0
127 B 11ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=uSDMukqGlvnxRU7CRU-Y2P9uaFj-YGa17DKQ3EXj4f1VOO-5x_hkz6_WMCM4K04bQKo-JRJ1aTCsMcyxXErWfhgP9vnjCXmXtbqdeNxddcF42mjsaAFTJrqEYGc4j8Ny6hbT_Nc1o_CAOnL8oc93Xoa6hpTzXn6wjuR4ZXz7zSGcdkr79SjMrKo1P86xtPIBx64qfMK8gs5h7pkH75g4XvXS0rqNLMan11uvRRHgTEDH9eBTUMYZvKBCjS__kkugPlBhMVI74eet4xkr&sds=2&rev=82042.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 314E 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 314E 2 KB
1 KB 12ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:29:14 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 314E 8 KB
8 KB 14ms
11ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fimages.menswearhouse.com%2Fis%2Fimage%2FTMW%2FMWTSP19_WED_PSL_FML_1912_MAIN%3Fwid%3D600%26hei%3D600&v=3&w=800&s=_uiJ2vNWTe7A_id7-uVyCpU_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

060f3d758aba91f7ea6a319bb082ed256a91c2cb3ee8daf5a9d7c43a2fd4b414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=3734
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7910
expires: Fri, 15 Jul 2022 16:31:29 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 50ms
32ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dba4fef084f11b1f90df1203fe4433ddc12dc220a59941c2278f0252c754dade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jul 2022 15:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10817
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 15:29:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 663C 13 KB
5 KB 6ms
5ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.privatbankinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 59111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 23:04:04 GMT
expires: Fri, 14 Jul 2023 23:04:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 762B 783 B
1 KB 55ms
24ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb7dd07c57132eedd2c70cfbfc22c98518205499bdb6834a697a3dfaea863d08

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ek3_PIdgNgljo9Y0_CGc8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mail.privatbankinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ek3_PIdgNgljo9Y0_CGc8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 15:29:15 GMT
expires: Fri, 15 Jul 2022 15:29:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 663C 36 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 10:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 10:24:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 762B 0
0 38ms
38ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=3433687574403869&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 663C 0
9 B 5ms
4ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2JFHVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:29:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E41E 42 B
64 B 21ms
20ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoA-WiADi1MymjyEVJYEcbohZs5cRfX8ZX3GQHjZpKTPpUrbN2B2lZEf5VlHhOFyL1N8W2ST820cegyqQmdqOc0Bxg&sig=Cg0ArKJSzI2tiwEBoT90EAE&id=lidar2&mcvt=1008&p=0,0,280,730&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3890796720&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657898954021&rpt=385&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F88 42 B
64 B 22ms
20ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupSVMxfTi9OG3mO41iR6exqE5JQ_3AaRc9hVN3DNGWzQR9rKoJkaQ9X1cXRO8XNIqcM2gvYXdn7DOi4vpjvhYcBrk&sig=Cg0ArKJSzDBdtWzBRvJ_EAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=1037433852&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657898954038&rpt=636&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 583A 0
127 B 15ms
15ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 970A 42 B
64 B 21ms
21ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-3FKqNkvUbr1bME3Mh92NxOiJskFuJR4DEWffDpj14PhpAS4CaKHE4wgV5r4PnLGpshAOj5gj99R4-CnKwjpYOrid&sig=Cg0ArKJSzFeAd24SatOvEAE&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=161,825,1002,1048,1048&tos=161,664,177,46,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657898954441&rpt=422&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 15:29:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=3433687574403869&bg=!z8ylzIjNAAaYcLjmuHA7ACkAdvg8Wn1zthj2Gzz9NJDNKCKD5KfX8CndTuRkfT9-q5r2ms3lNhYVbgIAAADkUgAAAANoAQcKALAO5tBLhvxCFmDtw-pv79FQB481qpv-0BUnVIxRiYy1xxRlb3rv7gKehUDuhwoBDGIe3VYvno_lWcZ7ujuO4aZoAoTSx9bOVN_R6fozfFE4cUDjbgitZxyFYiBhiY13vKuO3nIqIngmtbEduY-zCpjOZFJZdy4Ugx4TPJxNgoXft3pO6F0Q8EpZS-rZcyUwnPHeYXHlJJ5aLH2u676LTR73HTNaCQptuS5LsTk2IPcgF5kCqDqv1gDukRXbTFZPGtlagsyYhrQV5X61eH5Z2NfaJhbDLlh4g7Cm8O0tUnq_xs1g71xNT6SawmiweAkKjz8lhsYudJNhL_oyNTVrj5eTwlvoppSbpjLbAbY3-V4PQncEGB4xzMksY2f5mclmPzE_W_0BnWdB3jKSar-ytSgadLFNe-l4HblEeELLIE1Df7oQeVZg8D5WWrkKP6nKca-YXpkb_gZ44xKbrB43uPr59KneC31AAemtvEXY_boKqBzUZtJhEI2JXwaooCpZt1lvHyvwQl7Hr44ln4k8utb17CdCq9sJfD53x2rk-sJ1aqtWSIJ3i0CwSDDk76eQFTn3kEnLoBJQ3VmTI0HpWWsHhpn5wxMcIhx5fHQFYcWliTjNJRcffUIO4Ih7ey6Zg1xO1b1ym_dxyf7d5ZlcB5lI5XefYdd-s9M_ySM75rwLbfgc_lMUgal3cNvL6zOxprKorQfrRepCikkZwkPhbaFhl10bp1ldKvIrwgAW-dk_fKbsHiXDvtTzYNqEcMGK9_ZgtHpjwqLCOKiGlrZ6z13jrhmqUDtgCSJUusNrUq8I4tlyD-aD4iiKDdq8DKPukCarUxHl2wKGlrufaEHi7eXmMtkIN-n7VAqJGqtdKQfg9Z1QAAzPaWzYJH92UpLqe_WB8pyUsRijqfO_KRiyZKiev96xlWNBxPGJisOgBk4zy5RHSyeo4l-IKBY1KcA7n5dnDACyCjvNy-0QQ1xYFLbMwrOlrLQjajskBOHQIbamzeQ1k26KJ5331eEB-A4be3Rz_-mE1SRhmX5UFqE2rtu87sTzdWDy9Ogw1QHGURoKtZKBGqyrbUOUawc32t-nEsyKS98MicLT76IfW0E_A1APiW90HwReJyLCdax3wkRMJYFJXjExGGn7pzxv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.privatbankinfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

POST
H2 200 all
csm.us.criteo.net/ Frame 4A69 0
127 B 11ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.us.criteo.net/ Frame 314E 0
127 B 15ms
14ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.us.criteo.net/ Frame 314E 0
127 B 10ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:19 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.us.criteo.net/ Frame 583A 0
127 B 19ms
18ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.us.criteo.net/ Frame 314E 0
127 B 10ms
9ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jul 2022 15:29:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: privatbankinfo.com
URL: https://privatbankinfo.com/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/02/Perevod-deneg-s-telefona-na-kartu-768x512.jpg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/02/Perevod-deneg-s-telefona-768x512.jpg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2017/11/c3a0397f5546a9b353e4ad09e2aaee1a-768x510.jpg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/04/zaregistrirovatsya-v-privat24-1-min.jpg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/04/binbakn-1-min.jpg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/04/privat-arhiv.png

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/04/kak-otkryt-schet-v-privatbanke-4.png

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/04/karti-privat.png

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/04/avtostrahovaniya-privatbanka-2.jpg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/04/kak-popolnit-dikij-sad-1.png

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2017/01/plastikovaja_karta.jpeg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2019/02/820.jpg

Domain: privatbankinfo.com
URL: http://privatbankinfo.com/wp-content/uploads/2017/03/3-kard-1-257x300.png

Domain: privatbankinfo.com
URL: https://privatbankinfo.com/wp-content/themes/reboot/assets/fonts/wpshop-core.woff

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.privatbankinfo.com/	1970-01-20 22:02:50	Name: _ga Value: GA1.2.886316297.1657898954
.privatbankinfo.com/	1970-01-20 04:33:05	Name: _gid Value: GA1.2.462845026.1657898954
.privatbankinfo.com/	1970-01-20 04:31:39	Name: _gat_gtag_UA_176586509_1 Value: 1
.privatbankinfo.com/	1970-01-20 13:53:14	Name: __gads Value: ID=13075f60d8d49f34-221403aed9d300d7:T=1657898953:RT=1657898953:S=ALNI_MY4nqRwgzOSYK_CFnfpV3QlFFqDtA
.privatbankinfo.com/	1970-01-20 13:53:14	Name: __gpi Value: UID=00000646a3815949:T=1657898953:RT=1657898953:S=ALNI_MZa9XkmcS8SlxQXZF9aaXiy91C1Vw
.doubleclick.net/	1970-01-20 22:02:50	Name: IDE Value: AHWqTUmi-io8XX1QoJqRDcV4Ukbv22KYO5qgwhM390JbVEffnEEIXW08a9e1NXeYrIg
.privatbankinfo.com/	1970-01-20 13:17:14	Name: _ym_uid Value: 1657898954117661114
.privatbankinfo.com/	1970-01-20 13:17:14	Name: _ym_d Value: 1657898954
.doubleclick.net/	1970-01-20 04:31:39	Name: test_cookie Value: CheckForPermission
.mc.yandex.com/	1970-01-20 04:31:39	Name: sync_cookie_csrf Value: 1318087151fake
.privatbankinfo.com/	1970-01-20 04:32:50	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 04:31:39	Name: sync_cookie_csrf Value: 4045108384fake
.yandex.com/	1970-01-20 13:17:14	Name: yandexuid Value: 96233321657898954
.yandex.com/	1970-01-20 13:17:14	Name: yuidss Value: 96233321657898954
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1798076831657898954
.yandex.com/	1970-01-23 20:07:38	Name: i Value: 4/DonPTUctOLLOj+X12vVoAPNoxk8g9mwi7LQY+pB79S4l8I2VmMSnpX3UklWmK4g15pIvlboJCl2F6rH5v/tkMBioA=
.yandex.com/	1970-01-20 13:17:14	Name: ymex Value: 1689434954.yrts.1657898954#1689434954.yrtsi.1657898954

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/ Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/02/Perevod-deneg-s-telefona-na-kartu-768x512.jpg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/02/Perevod-deneg-s-telefona-768x512.jpg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2017/11/c3a0397f5546a9b353e4ad09e2aaee1a-768x510.jpg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/04/zaregistrirovatsya-v-privat24-1-min.jpg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/04/binbakn-1-min.jpg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/04/privat-arhiv.png'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/04/kak-otkryt-schet-v-privatbanke-4.png'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/04/karti-privat.png'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/04/avtostrahovaniya-privatbanka-2.jpg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/04/kak-popolnit-dikij-sad-1.png'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure element 'http://privatbankinfo.com/wp-content/uploads/2022/03/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2017/01/plastikovaja_karta.jpeg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2019/02/820.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.privatbankinfo.com/(Line 16) Message: Mixed Content: The page at 'https://mail.privatbankinfo.com/' was loaded over HTTPS, but requested an insecure image 'http://privatbankinfo.com/wp-content/uploads/2017/03/3-kard-1-257x300.png'. This request has been blocked; the content must be served over HTTPS.
javascript	error	URL: https://mail.privatbankinfo.com/ Message: Access to font at 'https://privatbankinfo.com/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf' from origin 'https://mail.privatbankinfo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://privatbankinfo.com/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1688761798392750&output=html&h=280&slotname=1595712220&adk=3890796720&adf=3605483563&pi=t.ma~as.1595712220&w=730&fwrn=4&fwrnh=100&lmt=1599336029&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fmail.privatbankinfo.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657898953799&bpp=3&bdt=590&idt=210&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3929767109103&frm=20&pv=1&ga_vid=886316297.1657898954&ga_sid=1657898954&ga_hid=51806553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44760911%2C31068381%2C44764002&oid=2&pvsid=3433687574403869&tmod=177964789&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7EFufAQqGu&p=https%3A//mail.privatbankinfo.com&dtd=219 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://mail.privatbankinfo.com/ Message: Access to font at 'https://privatbankinfo.com/wp-content/themes/reboot/assets/fonts/wpshop-core.woff' from origin 'https://mail.privatbankinfo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://privatbankinfo.com/wp-content/themes/reboot/assets/fonts/wpshop-core.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://fonts.googleapis.com/css?family=Helvetica Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9700.__LS_WbsdJgX25bfbK-SVt24p_40RKs8ATyQkGJoqhaaGZZLdWN4C3AFZ_sw_nd-VZULnT1SVf8JAZiWdiUSJQ%2C%2C.g9rxHfTf39KaHkesREOcDMEi7h0%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
csm.us.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mail.privatbankinfo.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
privatbankinfo.com
rbtwo.bid
rtb.va.us.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
privatbankinfo.com
2001:4860:4802:32::178
2606:4700:3034::6815:602c
2606:4700::6811:180e
2607:f8b0:4006:80b::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::2001
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2a02:6b8::1:119
74.119.119.137
74.119.119.147
74.119.119.149
91.239.234.70
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
060f3d758aba91f7ea6a319bb082ed256a91c2cb3ee8daf5a9d7c43a2fd4b414
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
1515478519d2d4827cede94296a98f5326424dffab01e857f8be88e639a54f83
1a6a89bbcba15df994ad4c5691a0582dc9f1c843ff47d0b950770e174ce4e10d
3cdaf76b1c86c280cb7f8d2524de3b0d32399d792931a552c84da54b8452720d
3f6a9d899552d8d11a5287000ee3b88291acd0d6bea3d9b9d7356237ce23c25e
471ca8f1340392b2c5795bb626225d7ab1abacff67cfaf49c2d745bd43b9914c
49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9719e71f79fce40e45936bb79ca9bcccd31ea6cef1e06651697c6d7c7d93b0
5303479c9b08a983db835ad0b32230027cf48e5916ad1337eb53ee8568bfaefe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549f8a5b6c12b5ea2d93bc133e1bf737286512d53cf89a89105d64c683a95313
553bded3ff0bf474130a082d75a0c4d066c853914433557d593dc992d9d51fe2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c260d6fe9022fb9e522a9a8f07117865a394e0c86337ed847c23f3c211e0ec6
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6ebba83bd0d0be452489b32dec335add9d7a5762be5eba339567952d3554a7d4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7b54e10adc1aa4e09ed78c775baf22bed8938afd0c3ae28ea428880c34dbb1be
7f5ef32b830dfb74725c9ab1d72555cd71ff48e3eed14a467ca14b1bf992f461
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84487a6a60d341b50c5aa54a8f8251bf890cdc580a61001b78ff2fedbe4d5ee6
848f87ba3c851dfd865cd544e78f72ba551afc24a38395b64446b5766114fab3
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
894962d5f21da7cd1e567d2b4424837818916fbc1d7a7caa86b1a1ab5395ad7b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fac8d2c12bd4f54331fd14071ae8b9858069205044dca960a76bc499bdcba14
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
98e4974203b4aed62f7ce9ed892732b77a962352ff3842419a14cd47e0c9ce9b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a801e2e6a45a07bf72c1912fe023a57edbd163de24243e8594990d33fb2bca21
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b428de8051daf9c982c1c7321f297d0fe6fb3ccba3b7184c97be9a82b0e8c330
b9fbf62e3358151ff3aea4468c99c5118c76969b19967c24571a6800e04139c4
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
beef5c65c6c20fd29fe51ffbddb1657a1cdbc806b7146f94e6cee2b96e3c9f24
c85c806c76ad2bc2b631967fb58e4b3050462615a0e866df5d0aee78a0090cb0
cc427ae76c8c2d4247ca74e3259b6b4ae7284e117d9bf12666dd9ee6723a5e96
d0f1bc2ff026c21892baf65ea8964f8b65ff9d6d3f448962e01bbaadf1a0a6f2
d39d8d7027864376cbdb37d1ea6bbd1bece665e56da47cd6a3b5df6b784f6537
dba4fef084f11b1f90df1203fe4433ddc12dc220a59941c2278f0252c754dade
dd46a7779b4e9df68f5ce76a9dc35ce214daab4b0723077aafb3bc7843a7c617
dd92907e8a1c3306eaf7c6064f68f313d49fa010aa58e1d215e0db7bf0dae131
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f84133a197f05fd9fac8261d6b2e9801881384c6dc5bc495cb6b0d243bdbd0
e8fb36ddbb6034aae8d60ad7492a6d476cbfa6bf3fd5c6916f1579e172987670
e998c052a3d814d2983353e5c03daf0620ba9caa61d5677a9ae6de76b34f7721
eb7dd07c57132eedd2c70cfbfc22c98518205499bdb6834a697a3dfaea863d08
eecb367bb48813253613e806accefef9692fc6486febc963dc0c424bd0553105
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9e1f55311eb3492fb10f2133144b2c15977f8c8ef5eadaa30c25ec63f00e087
fde7fff48cbb538311299e2c0e52572bebd649e96c8f3db390ec3e16a8b277c5

mail.privatbankinfo.com Open in urlscan Pro 91.239.234.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

87 %HTTPS

80 %IPv6

16 Domains

23 Subdomains

21 IPs

3 Countries

2325 kBTransfer

4077 kBSize

17 Cookies

31 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mail.privatbankinfo.com Open in urlscan Pro
91.239.234.70 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

87 %
HTTPS

80 %
IPv6

16
Domains

23
Subdomains

21
IPs

3
Countries

2325 kB
Transfer

4077 kB
Size

17
Cookies

127 HTTP transactions
3 data transactions