torgi.24bank.su Open in urlscan Pro
5.9.49.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://torgi.24bank.su/
Effective URL:
https://torgi.24bank.su/
Submission: On December 06 via api (December 6th 2022, 7:41:35 am UTC) from US — Scanned from US

Summary HTTP 155 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 21 domains to perform 155 HTTP transactions. The main IP is 5.9.49.156, located in Germany and belongs to HETZNER-AS, DE. The main domain is torgi.24bank.su.
TLS certificate: Issued by R3 on December 5th 2022. Valid for: 3 months.

This is the only time torgi.24bank.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	5.9.49.156 5.9.49.156	24940 (HETZNER-AS) (HETZNER-AS)
2	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
7	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
7	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
4	2600:141b:13:... 2600:141b:13::17d7:82a8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1 2	142.251.40.134 142.251.40.134	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21da:2600:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
3 5	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
4	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:9547:efa7:eb91:ca4b	14618 (AMAZON-AES) (AMAZON-AES)
8	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	63.251.86.50 63.251.86.50	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	51.222.39.187 51.222.39.187	16276 (OVH) (OVH)
1 1	44.207.243.83 44.207.243.83	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
155	26

16 5.9.49.156 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.156.49.9.5.clients.your-server.de

torgi.24bank.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:81e::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81c::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:81d::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80c::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:821::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:822::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:13::17d7:82a8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:2600:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:808::2004 (Hudson Falls, United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:9547:efa7:eb91:ca4b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.64.98 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.50 (Rhoadesville, United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.187 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.243.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-243-83.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	555 KB
27	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 ad.doubleclick.net — Cisco Umbrella Rank: 173 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	153 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	227 KB
16	24bank.su 1 redirects torgi.24bank.su	206 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 675 pix.us.criteo.net — Cisco Umbrella Rank: 2548 csm.us.criteo.net — Cisco Umbrella Rank: 2547	43 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 361 fonts.googleapis.com — Cisco Umbrella Rank: 51	45 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 470 rtb0.doubleverify.com — Cisco Umbrella Rank: 751 rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2190 tps.doubleverify.com — Cisco Umbrella Rank: 492 tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1412	132 KB
7	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8380	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	234 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495 ups.analytics.yahoo.com — Cisco Umbrella Rank: 317	2 KB
3	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 5448 ads.us.criteo.com — Cisco Umbrella Rank: 2492 cat.va.us.criteo.com — Cisco Umbrella Rank: 2910	46 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1126	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 635	1 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3018	57 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 242	5 KB
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 700	472 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 847	517 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 351	465 B
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 669	581 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	695 B
155	21

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	pagead2.googlesyndication.com	torgi.24bank.su pagead2.googlesyndication.com ajax.googleapis.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
16	torgi.24bank.su	1 redirects torgi.24bank.su
10	www.gstatic.com	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
8	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	static.criteo.net	ads.us.criteo.com
7	fonts.googleapis.com	ajax.googleapis.com googleads.g.doubleclick.net cdnjs.cloudflare.com
6	mc.yandex.com	2 redirects torgi.24bank.su mc.yandex.ru
5	pix.us.criteo.net	ads.us.criteo.com
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	cdn.doubleverify.com	ads.us.criteo.com cdn.doubleverify.com torgi.24bank.su
3	csm.us.criteo.net	ads.us.criteo.com
2	ups.analytics.yahoo.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	ap.lijit.com	2 redirects
2	ad.doubleclick.net	1 redirects ads.us.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects torgi.24bank.su
2	ajax.googleapis.com	torgi.24bank.su
1	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	rtbc-ue1.doubleverify.com	cdn.doubleverify.com
1	ads.yieldmo.com	1 redirects
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	d.agkn.com	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
155	36

This site contains links to these domains. Also see Links.

Domain
torgi.gov.ru
go.leadgid.ru

Subject Issuer	Validity	Valid
torgi.24bank.su R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-08` - `2023-01-09`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-30` - `2023-01-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-07` - `2023-02-07`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://torgi.24bank.su/
Frame ID: D4579930905C68CF5DD5B5628534F828
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: F4B8CD9D885829464C9B7A6E2A2EE407
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=600&slotname=2429665799&adk=3756833032&adf=3677047716&pi=t.ma~as.2429665799&w=300&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=300x600&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467318&bpp=25&bdt=954&idt=1655&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=4806985550821&frm=20&pv=2&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tbaecqZ3tl&p=https%3A//torgi.24bank.su&dtd=1857
Frame ID: 51D8A36F39A9EF2CF7305CB777527FFD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1670309262&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftorgi.24bank.su%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467426&bpp=14&bdt=1063&idt=1902&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=2073
Frame ID: 41DECC48CAB27B85E6085EB18CA55660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=8148896336&adk=1940793308&adf=3240874266&pi=t.ma~as.8148896336&w=680&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=680x280&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467505&bpp=3&bdt=1141&idt=2050&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C0x0&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=o9S3Qr8N3R&p=https%3A//torgi.24bank.su&dtd=2063
Frame ID: 1863FB9D9A229B34F2D7FE1E7C73E0B4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=350&slotname=4600533562&adk=1857923861&adf=1839787983&pi=t.ma~as.4600533562&w=350&lmt=1670309262&format=350x350&url=https%3A%2F%2Ftorgi.24bank.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467521&bpp=9&bdt=1158&idt=2350&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5dc03ef8b3c303c-2226593fded80004%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MZ4TMZEFVUQ6TvGRED8j98GGlAmjw&gpic=UID%3D000008c68ff8c63b%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MbzwJ-q2UsJ5bZECrCSuoJc1hZBug&prev_fmts=300x600%2C0x0%2C680x280&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HRYES37ztl&p=https%3A//torgi.24bank.su&dtd=2401
Frame ID: 6BD3D0EB681B48DC9192BD066330A92A
Requests: 15 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw&u=%7CC9Tf4TZdwEnI8W8Al90nkAjrjc3ajGDdL%2FE7EZHatv0%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGNpto_MXuDqKOROXOwHnusQPczbSGC8MrIeJIakerMV1XAT5JqIgiDbApLvhgEMTeyu2C99dOThg_KWRSO5upl7eGC9KwaGrW94hy4PAzVqC4yglSYoqeQtWn3iU_lSopcrjj-8zBLorCZCSuw-C9pU6KtDO_u7sbUBswaGizFmWCvmGEsEPPIyPG-wRoXTec-K2_AmYa7LfPJp83fo--5Gxm4eEJRFvYupGAhVnk-LNL0cbM9tmCjCKX8EQC3R48Mth0b-KvyDpWKdH9BnzwPuFRXz2aiDVWVZLeTk3XJm0n6gSufX_XEB51RWF16H8hvc_eicgRVowFZHHrdfTIf17fCYeAs4VlLdyEgl14FV0QLIx1ZNtvnKAIn30NyZII4p_ogEKVLrAf9CAoCerdVilV3dGCxylxmbH2eDrWvpTWylhZHJS8ZNpTjBXja-cmEQkvoEtz5RvcYzSuH7JTEWesqsjS8KfI_7K1YZaENwK9v60_LlVZffWyyQNfLM8Sjj_jYcuQ5SICNlZHlMPfIt57ZrNPf70JAtdyBKUw2NBwtT0r_JzmMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJuQPFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEvQFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy5TNtR3K6e_e5klBWgtL-TLj2wJQkfTcM2oICXXFif4Uqxz4wZdlWAeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZjZkgXIK2umW90hS8S9y8vpUnpQ%26client%3Dca-pub-1114993438075446%26adurl%3D
Frame ID: DE9D992383CCBEBF819CF0DFE5FABFD9
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: 77F5EEF037AF2FE74A9086F4EFE56BD8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: CEAED97CD28D2CE7235D7C3D993E1B19
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Frame ID: 8ED4C392345D1C46C1F89A535CA463DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1BFBB44F4720B64F4F4C3BE9C708E068
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0B6354903C2D787F16FA3C4BD3C3D76
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 37CD26036271A6AAC4C2A16428D0E7A0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A310DC37ECF899252B88CEDE2747A8E3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3304.js
Frame ID: B3E74D2054CE0F52565F5E1677E567DC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5354E5187BF772DBEBFDEB327C60605F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Frame ID: BEA1C82BC41C11CCB7221347268B2606
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Frame ID: B7CD34EC3E81A0EFDAE6B74BE6C00886
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38C93030F90CD8EC4A57F4A9B1F63C24
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C74E3A8E777DAF8F97649F4D28E61A20
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Торги гов ру - официальный сайт, проведение торгов в РФ.

Page URL History Show full URLs

http://torgi.24bank.su/ HTTP 301
https://torgi.24bank.su/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

155
Requests

94 %
HTTPS

66 %
IPv6

21
Domains

36
Subdomains

26
IPs

4
Countries

1705 kB
Transfer

4562 kB
Size

26
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://torgi.gov.ru/index.html
Title: torgi.gov.ru

Search URL Search Domain Scan URL

URL: https://torgi.gov.ru/
Title: https://torgi.gov.ru

Search URL Search Domain Scan URL

URL: https://go.leadgid.ru/SH3u5
Title: <img alt="Кредитная карта Тинькофф" src="/wp-content/themes/torginfo/images/credit-card.png" />

Search URL Search Domain Scan URL

URL: http://torgi.gov.ru/restricted/
Title: Войти на сайт

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://torgi.24bank.su/ HTTP 301
https://torgi.24bank.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9844.2r3u2O8aCh0iKhr_iAKHrzZncbAyUZaIF9XFzViBaBoz3Ty2harlL3BFkwGLifgN.j7h5Rb78iuJdFtzVmKF7lJiEkOY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9844.-wvj_qImex8GN94iAPKBxxNNp0DVzf1n0Zqmcshgyqvi0n6P4D0M7-oaHSXRJ7uhPq573ZwmMXuEuhQ5Z27_pJ3CzY5QWRenw6C7dIvcQyM%2C.t-ThDypZnlcOZWnJjCwqDMZXcIw%2C

Request Chain 63

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=638ef215b9de1dc96390d4862b6df675;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJa0-uu-5PsCFQoPaAgdktUKpw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=638ef215b9de1dc96390d4862b6df675;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=

Request Chain 76

https://mc.yandex.com/watch/65105596?wmode=7&page-url=https%3A%2F%2Ftorgi.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A2388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A423419665829%3Ahid%3A257440611%3Az%3A0%3Ai%3A20221206074109%3Aet%3A1670312470%3Ac%3A1%3Arn%3A311832092%3Arqn%3A1%3Au%3A1670312470955277002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A15%2C284%2C262%2C2%2C930%2C0%2C%2C748%2C75%2C%2C%2C%2C2285%3Aco%3A0%3Acpf%3A1%3Ans%3A1670312464828%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670312471%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%B8%20%D0%B3%D0%BE%D0%B2%20%D1%80%D1%83%20-%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%2C%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%20%D0%B2%20%D0%A0%D0%A4.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/65105596/1?wmode=7&page-url=https%3A%2F%2Ftorgi.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A2388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A423419665829%3Ahid%3A257440611%3Az%3A0%3Ai%3A20221206074109%3Aet%3A1670312470%3Ac%3A1%3Arn%3A311832092%3Arqn%3A1%3Au%3A1670312470955277002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A15%2C284%2C262%2C2%2C930%2C0%2C%2C748%2C75%2C%2C%2C%2C2285%3Aco%3A0%3Acpf%3A1%3Ans%3A1670312464828%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670312471%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%B8%20%D0%B3%D0%BE%D0%B2%20%D1%80%D1%83%20-%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%2C%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%20%D0%B2%20%D0%A0%D0%A4.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 102

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIkl-MH0JbNSTCS2E3ZgMpM&google_cver=1&google_push=ASkJ3Fbh-lKN66oNxzDVUwoGK1y7A7F4xFV3TtAm88RIbzwhVlD_jrW9EEqwFnrT9A8DSGwTudE-p1i4o5BIIA7ii9Enxqt3QIJRVXhk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbh-lKN66oNxzDVUwoGK1y7A7F4xFV3TtAm88RIbzwhVlD_jrW9EEqwFnrT9A8DSGwTudE-p1i4o5BIIA7ii9Enxqt3QIJRVXhk&google_hm=eS1nbi5TUld0RTJwRUtkWFFWQl83cHdDMF80MENyRkxVT35B

Request Chain 103

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP4RmlR2p5tpC94G68juy4Y&google_cver=1&google_push=ASkJ3FYVaBB7sXZhTOxIXjTE1T5pCo3IKM0qkCEM3X4y1EF1rjM1VatZ2hCK12853e8IoK6BZi3GbiIo70VtCNKx28ChoI7E0zANZX9C HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCV1g0ODQtMUEtNFpVVg==&google_push=ASkJ3FYVaBB7sXZhTOxIXjTE1T5pCo3IKM0qkCEM3X4y1EF1rjM1VatZ2hCK12853e8IoK6BZi3GbiIo70VtCNKx28ChoI7E0zANZX9C

Request Chain 104

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEINvoQ6mphHJFSf6YapFlTI&google_cver=1&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5HuMFGyQYSXAZTtg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEINvoQ6mphHJFSf6YapFlTI&google_cver=1&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5HuMFGyQYSXAZTtg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5HuMFGyQYSXAZTtg&google_hm=FxQNiGZH2GqhBA6BReub4-LH

Request Chain 105

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEP-ijIspSDfHCkgaD7-kZc8&google_cver=1&google_push=ASkJ3FZgIiRwnF00YOLpWOy8OdwkncNt8FWzpBlIOC3sDVT9fGGAAGj7WyxjQygw7v2ujUE9un8uGbNnygdTnXq58b82wb0Syyk2NFo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhOZhr4Z_Qh2rTry2Y_m76GAQDjfXaTLokg&google_push=ASkJ3FZgIiRwnF00YOLpWOy8OdwkncNt8FWzpBlIOC3sDVT9fGGAAGj7WyxjQygw7v2ujUE9un8uGbNnygdTnXq58b82wb0Syyk2NFo

Request Chain 106

https://ads.yieldmo.com/exptsync?google_gid=CAESEDhRcl6yIgNbRJZgGEgN-OE&google_cver=1&google_push=ASkJ3FaLs9Zmm6E8ANCyohwcFeFEUbDb_VUGZJTWmSUTJLbLGG2JoeeiOaIX0rY8PIcQ7BHV6zKx2kVS-f7w_EB0RbQGsFCJCpN0Rzfu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaLs9Zmm6E8ANCyohwcFeFEUbDb_VUGZJTWmSUTJLbLGG2JoeeiOaIX0rY8PIcQ7BHV6zKx2kVS-f7w_EB0RbQGsFCJCpN0Rzfu&google_hm=ZzQ5MDc4N2NlMjc1NTY0Nzc4Yjk=

Request Chain 107

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEOr9RNplW7oXYD7bEXN84MY&google_cver=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-YJAGsPRWi5wHLe3cHIybz7rHId8x6TetaQqVFv16gw6B_FgvZ0vg HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEOr9RNplW7oXYD7bEXN84MY&google_cver=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-YJAGsPRWi5wHLe3cHIybz7rHId8x6TetaQqVFv16gw6B_FgvZ0vg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=oC8XUC0PRbW2dqErLbykwg==&no_redirect=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-YJAGsPRWi5wHLe3cHIybz7rHId8x6TetaQqVFv16gw6B_FgvZ0vg

Request Chain 108

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED3q-Zabhwn1_CZogr-P9qc&google_cver=1&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaAOuWf0dsN1LQeI30Luwyi7yGbXvY4I0RQ1JeoD8zJ3LiRcMaog HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED3q-Zabhwn1_CZogr-P9qc&google_cver=1&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaAOuWf0dsN1LQeI30Luwyi7yGbXvY4I0RQ1JeoD8zJ3LiRcMaog&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RVFaUHA5RTJ1SHRzeDlVRFNRVWFiMjh6QWVZS2dtX35B&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaAOuWf0dsN1LQeI30Luwyi7yGbXvY4I0RQ1JeoD8zJ3LiRcMaog

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

155 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
torgi.24bank.su/
Redirect Chain

http://torgi.24bank.su/
https://torgi.24bank.su/

58 KB
15 KB

597ms
262ms

Document
text/html

5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

8b6344f2665a7b4371ec997067b00b0ce20de0dfbcf965fbf756193e895b42d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=396, public
content-encoding: gzip
content-length: 15346
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 07:41:06 GMT
etag: "3bf2-5ef232e3ea6f2"
expires: Tue, 06 Dec 2022 07:47:42 GMT
last-modified: Tue, 06 Dec 2022 06:47:42 GMT
pragma: public
referrer-policy
server: nginx/1.20.2
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Cookie

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Tue, 06 Dec 2022 07:41:05 GMT
Location: https://torgi.24bank.su/
Server: nginx/1.20.2

GET
H2 200 autoptimize_89acdce35ce881db734acff1b4eed2c6.css
torgi.24bank.su/wp-content/cache/autoptimize/css/ 63 KB
19 KB 148ms
147ms Stylesheet
text/css 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/cache/autoptimize/css/autoptimize_89acdce35ce881db734acff1b4eed2c6.css

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

f37adda4018a13de4ffe08a27982d69603cb6e84c05d576f02ca5a7b68a6257a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:10:00 GMT
server: nginx/1.20.2
etag: W/"5ef1e308-fc20"
content-type: text/css
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
33 KB 184ms
49ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:40:18 GMT

GET
H2 200 autoptimize_b3d692035e59b746cfa687f5a18d2d57.js Show response
torgi.24bank.su/wp-content/cache/autoptimize/js/ 10 KB
4 KB 166ms
162ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/cache/autoptimize/js/autoptimize_b3d692035e59b746cfa687f5a18d2d57.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

b27bf8d902f81d740b7a03b8c6b6912ed1ed07260e9dc5664a0f1f1aef82f3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:08 GMT
server: nginx/1.20.2
etag: W/"5ef1e298-2757"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 logo.png
torgi.24bank.su/wp-content/themes/torginfo/images/ 1 KB
2 KB 174ms
170ms Image
image/png 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://torgi.24bank.su/wp-content/themes/torginfo/images/logo.png

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

691f7a1f67bd20c14dc758e62ab8b8c19b662c53cddf24c28f2c93d772b5fc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jun 2020 11:08:09 GMT
server: nginx/1.20.2
etag: "5ef1e299-595"
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1429
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 lazy_placeholder.gif
torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
250 B 176ms
172ms Image
image/gif 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jun 2020 11:08:13 GMT
server: nginx/1.20.2
etag: "5ef1e29d-2a"
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 42
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 198ms
95ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

805437d8954df09d279395bd511ebc29e4ff428c01711ccf70eecb978d11a120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49187
x-xss-protection: 0
server: cafe
etag: 7448955955433528811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 07:41:06 GMT

GET
H2 200 front.min.js Show response
torgi.24bank.su/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 139ms
138ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/plugins/table-of-contents-plus/front.min.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:12 GMT
server: nginx/1.20.2
etag: W/"5ef1e29c-17cb"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 jquery.bxslider.min.js Show response
torgi.24bank.su/wp-content/themes/torginfo/js/ 23 KB
7 KB 135ms
134ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/themes/torginfo/js/jquery.bxslider.min.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

b0ed7256ad6c2f44037d68adcbc5139635d49f99b4fb4ae97876b3264bf714bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:09 GMT
server: nginx/1.20.2
etag: W/"5ef1e299-5bfd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 scripts.js Show response
torgi.24bank.su/wp-content/themes/torginfo/js/ 8 KB
3 KB 162ms
135ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/themes/torginfo/js/scripts.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

c297fc6b646ba245dda790aa12134d618e1cb2802ec13f9bbb1f1ac94a9a2cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:09 GMT
server: nginx/1.20.2
etag: W/"5ef1e299-21da"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
torgi.24bank.su/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 167ms
141ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

10c86b787eec802ee5cad865137e429228f7be0f15444e656e8ca84d933c3a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:12 GMT
server: nginx/1.20.2
etag: W/"5ef1e29c-1094"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 jquery.lazyloadxt.extra.min.js Show response
torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 184ms
158ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:13 GMT
server: nginx/1.20.2
etag: W/"5ef1e29d-bc6"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 jquery.lazyloadxt.srcset.min.js Show response
torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
944 B 164ms
159ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:13 GMT
server: nginx/1.20.2
etag: W/"5ef1e29d-543"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 jquery.lazyloadxt.extend.js Show response
torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 792 B
582 B 165ms
160ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:08:13 GMT
server: nginx/1.20.2
etag: W/"5ef1e29d-318"
content-type: application/javascript; charset=utf-8
cache-control: max-age=5184000
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 50ms
46ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 19:41:18 GMT

GET
H2 200 loading.gif
torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 154ms
154ms Image
image/gif 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://torgi.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/loading.gif

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/wp-content/cache/autoptimize/css/autoptimize_89acdce35ce881db734acff1b4eed2c6.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/wp-content/cache/autoptimize/css/autoptimize_89acdce35ce881db734acff1b4eed2c6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:06 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jun 2020 11:08:13 GMT
server: nginx/1.20.2
etag: "5ef1e29d-69a"
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1690
expires: Sat, 04 Feb 2023 07:41:06 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 160 KB
57 KB 1531ms
315ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b9b55eda4118e5fda9876af796e33d19cbb2661da9e0594f2d7837039f0e0ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-e14c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57676
expires: Tue, 06 Dec 2022 08:41:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 1255ms
82ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

044acf365f5269bc4439837d45427861c77a767ebf981ebc0ffbd2defb9420e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 07:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 07:41:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 07:41:08 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 355 KB
117 KB 215ms
123ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e274242b762c1376fb04eb27bd3ce6049b2360051f855f8f390dd1c2ea940b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119773
x-xss-protection: 0
server: cafe
etag: 6361918574938067903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 07:41:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame F4B8 10 KB
5 KB 158ms
41ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 06:55:41 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 06:55:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 torgi-ru-01.jpg
torgi.24bank.su/wp-content/uploads/2018/12/ 111 KB
112 KB 135ms
134ms Image
image/jpeg 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://torgi.24bank.su/wp-content/uploads/2018/12/torgi-ru-01.jpg

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

b064d705efa1e0a021cef82d915e5ad5f5e7b61d34aaa01be78a48ee7d7e7a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:07 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jun 2020 11:08:07 GMT
server: nginx/1.20.2
etag: "5ef1e297-1bd3c"
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 113980
expires: Sat, 04 Feb 2023 07:41:07 GMT

GET
H2 200 credit-card.png
torgi.24bank.su/wp-content/themes/torginfo/images/ 35 KB
35 KB 534ms
534ms Image
image/png 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://torgi.24bank.su/wp-content/themes/torginfo/images/credit-card.png

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

144b8063a39c65b33832453666ddb075b143ce3d1657462a428c6b4bbd8c372f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:07 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jun 2020 11:08:09 GMT
server: nginx/1.20.2
etag: "5ef1e299-8bc7"
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 35783
expires: Sat, 04 Feb 2023 07:41:07 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 110ms
109ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1670312466670

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d48b9f955ab35e1e234952bdc193e1c3c9b2093bb8a499c897284f768c2181f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49192
x-xss-protection: 0
server: cafe
etag: 8780176263547516382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 07:41:07 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 100ms
99ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1670312466671

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c2669e5a08b8bb1a8575af711b0f94bf343e7a73b2409acde7adde9991cc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49190
x-xss-protection: 0
server: cafe
etag: 13501538044501822175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 07:41:07 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 146ms
145ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1670312466672

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff39d88899147448a202eaec769d27b78ab363f1db1d10c0c9b604d657b241d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49187
x-xss-protection: 0
server: cafe
etag: 8236322244617153858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 07:41:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 147ms
48ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torgi.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 13:22:36 GMT
x-content-type-options: nosniff
age: 411512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 13:22:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 147ms
56ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torgi.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:39:16 GMT
x-content-type-options: nosniff
age: 475312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:39:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 160ms
108ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torgi.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 01:31:33 GMT
x-content-type-options: nosniff
age: 454175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:31:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 143ms
105ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torgi.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:40:49 GMT
x-content-type-options: nosniff
age: 475219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:40:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 108ms
107ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torgi.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 464974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 22:31:34 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
695 B 185ms
70ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=torgi.24bank.su&callback=_gfp_s_&client=ca-pub-1114993438075446&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

668f1ea80e3be316d2776f4029b025be7693f85e267bcd9fb41e1a3845edf551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 205ms
65ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=torgi.24bank.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51D8 99 KB
34 KB 519ms
421ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=600&slotname=2429665799&adk=3756833032&adf=3677047716&pi=t.ma~as.2429665799&w=300&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=300x600&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467318&bpp=25&bdt=954&idt=1655&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=4806985550821&frm=20&pv=2&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tbaecqZ3tl&p=https%3A//torgi.24bank.su&dtd=1857

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4adbe70708908c78758c9b5af8108a65d267410274a12027b9d80701cefa23cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:09 GMT
expires: Tue, 06 Dec 2022 07:41:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41DE 246 KB
58 KB 638ms
636ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1670309262&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftorgi.24bank.su%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467426&bpp=14&bdt=1063&idt=1902&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=2073

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac2b20669220075902c20b3ad5d7f7de5741ba45fc955567e7b2e7661851531f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 59680
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:10 GMT
expires: Tue, 06 Dec 2022 07:41:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1863 22 KB
10 KB 361ms
358ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=8148896336&adk=1940793308&adf=3240874266&pi=t.ma~as.8148896336&w=680&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=680x280&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467505&bpp=3&bdt=1141&idt=2050&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C0x0&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=o9S3Qr8N3R&p=https%3A//torgi.24bank.su&dtd=2063

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94ba104db193c2499564e5f0a7f5940be631702e6a6c39c62d5c819aaaa5ab1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9851
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:09 GMT
expires: Tue, 06 Dec 2022 07:41:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9844.2r3u2O8aCh0iKhr_iAKHrzZncbAyUZaIF9XFzViBaBoz3Ty2harlL3BFkwGLifgN.j7h5Rb78iuJdFtzVmKF7lJiEkOY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9844.-wvj_qImex8GN94iAPKBxxNNp0DVzf1n0Zqmcshgyqvi0n6P4D0M7-oaHSXRJ7uhPq573ZwmMXuEuhQ5Z27_pJ3CzY5QWRenw6C7dIvcQyM%2C.t-ThDypZnlcOZWnJjCwqDMZXcIw%2C

75 B
75 B

160ms
159ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9844.-wvj_qImex8GN94iAPKBxxNNp0DVzf1n0Zqmcshgyqvi0n6P4D0M7-oaHSXRJ7uhPq573ZwmMXuEuhQ5Z27_pJ3CzY5QWRenw6C7dIvcQyM%2C.t-ThDypZnlcOZWnJjCwqDMZXcIw%2C

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9844.-wvj_qImex8GN94iAPKBxxNNp0DVzf1n0Zqmcshgyqvi0n6P4D0M7-oaHSXRJ7uhPq573ZwmMXuEuhQ5Z27_pJ3CzY5QWRenw6C7dIvcQyM%2C.t-ThDypZnlcOZWnJjCwqDMZXcIw%2C
date: Tue, 06 Dec 2022 07:41:10 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 160ms
156ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:09 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 06 Dec 2022 08:41:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 51D8 8 KB
895 B 192ms
73ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=600&slotname=2429665799&adk=3756833032&adf=3677047716&pi=t.ma~as.2429665799&w=300&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=300x600&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467318&bpp=25&bdt=954&idt=1655&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=4806985550821&frm=20&pv=2&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tbaecqZ3tl&p=https%3A//torgi.24bank.su&dtd=1857

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 07:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 06:47:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 07:41:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 51D8 2 KB
846 B 295ms
102ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 51D8 23 KB
10 KB 241ms
49ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 51D8 3 KB
1 KB 136ms
69ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 51D8 18 KB
7 KB 247ms
55ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51D8 153 KB
47 KB 266ms
110ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 07:41:10 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 51D8 34 KB
14 KB 187ms
44ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:01:20 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BD3 100 KB
36 KB 623ms
596ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=350&slotname=4600533562&adk=1857923861&adf=1839787983&pi=t.ma~as.4600533562&w=350&lmt=1670309262&format=350x350&url=https%3A%2F%2Ftorgi.24bank.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467521&bpp=9&bdt=1158&idt=2350&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5dc03ef8b3c303c-2226593fded80004%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MZ4TMZEFVUQ6TvGRED8j98GGlAmjw&gpic=UID%3D000008c68ff8c63b%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MbzwJ-q2UsJ5bZECrCSuoJc1hZBug&prev_fmts=300x600%2C0x0%2C680x280&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HRYES37ztl&p=https%3A//torgi.24bank.su&dtd=2401

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe2918c48c6d7f0724698b0c86f5f9574fdb0b1213a81e2820112b5abc27ab04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:10 GMT
expires: Tue, 06 Dec 2022 07:41:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 51D8 0
0 80ms
79ms Fetch
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEvpGFfKOY432FZq6xtYPtaiskAXql_rjbdz5xIPoEN3ooriNDhABILS4_iJgybajiPCj7BKgAaO17vgoyAEJqQLhuRVC8aCxPqgDAcgDywSqBMgBT9A_Yq9LjNEciDy-BBFBx5bw0NciUX2VDM-xAi4y_kGbnP_1zcrGzMtF3ZpBgyVpLy1eTWSQmQUMPNvApVKwtc20VO9W5O9K5c8O1ov1SLFGqHSmnNxIS0meXEOZIV7swQiZvo2efpE-N7GuVpbGqo7kFAVhKSExVMfkqlVvKfaItfrcQ1iLcrKpB_-KD6dzh_DrfkOOkWqkb64xKqYstngHo5IXf1ygvXcGGaS8_ifJ9H_B6Ny6101_YzCuOX5uDnm9ZUmz8UfABM2MxJGTBJIFBAgEGAGSBQQIBRgEoAYugAej7b7YA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOnaAtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMTE0OTkzNDM4MDc1NDQ2GAA&sigh=Bzv0BGjS_jo&uach_m=[UACH]&cid=CAQSGwDq26N9VtcPRJp63n3AQRR2N_sPQNWg05FCiBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=600&slotname=2429665799&adk=3756833032&adf=3677047716&pi=t.ma~as.2429665799&w=300&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=300x600&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467318&bpp=25&bdt=954&idt=1655&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&correlator=4806985550821&frm=20&pv=2&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tbaecqZ3tl&p=https%3A//torgi.24bank.su&dtd=1857
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 07:41:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Dec 2022 07:41:10 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18370848567290223718/ Frame 51D8 11 KB
11 KB 116ms
73ms Image
image/jpeg 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18370848567290223718/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ad9b0790546ab49b6f39f670f8c1b28d9d9d0cae30a1eba26af674b95bef0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 01:17:21 GMT
x-content-type-options: nosniff
age: 455029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11252
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 18:50:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 01:17:21 GMT

GET
DATA 200
OK truncated
/ Frame 51D8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 51D8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 1863 3 KB
1 KB 145ms
46ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=8148896336&adk=1940793308&adf=3240874266&pi=t.ma~as.8148896336&w=680&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=680x280&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467505&bpp=3&bdt=1141&idt=2050&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C0x0&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=o9S3Qr8N3R&p=https%3A//torgi.24bank.su&dtd=2063

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 1863 18 KB
7 KB 134ms
41ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1863 153 KB
47 KB 180ms
82ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 07:41:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1863 0
0 87ms
81ms Fetch
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGt6qFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEugFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy9bPlY9hG2beJcAs1uAxcPFU5ypZv-wYqJlygLx7l9IMAsppwVSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExMTQ5OTM0MzgwNzU0NDYYAA&sigh=bFjELGP7sQc&uach_m=[UACH]&cid=CAQSGwDq26N9e5rupjPENjn-yk-_MwL8OUD3I4vc0BgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=8148896336&adk=1940793308&adf=3240874266&pi=t.ma~as.8148896336&w=680&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=680x280&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467505&bpp=3&bdt=1141&idt=2050&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C0x0&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=o9S3Qr8N3R&p=https%3A//torgi.24bank.su&dtd=2063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 07:41:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 1863 0
0 167ms
48ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RKgFmALiIp0XAgAAAL-I-vuzXbOREBXyjmPEFgpaXTM2ePpafgASAAA&wp=Y47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 264722
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame DE9D 135 KB
46 KB 209ms
96ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw&u=%7CC9Tf4TZdwEnI8W8Al90nkAjrjc3ajGDdL%2FE7EZHatv0%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGNpto_MXuDqKOROXOwHnusQPczbSGC8MrIeJIakerMV1XAT5JqIgiDbApLvhgEMTeyu2C99dOThg_KWRSO5upl7eGC9KwaGrW94hy4PAzVqC4yglSYoqeQtWn3iU_lSopcrjj-8zBLorCZCSuw-C9pU6KtDO_u7sbUBswaGizFmWCvmGEsEPPIyPG-wRoXTec-K2_AmYa7LfPJp83fo--5Gxm4eEJRFvYupGAhVnk-LNL0cbM9tmCjCKX8EQC3R48Mth0b-KvyDpWKdH9BnzwPuFRXz2aiDVWVZLeTk3XJm0n6gSufX_XEB51RWF16H8hvc_eicgRVowFZHHrdfTIf17fCYeAs4VlLdyEgl14FV0QLIx1ZNtvnKAIn30NyZII4p_ogEKVLrAf9CAoCerdVilV3dGCxylxmbH2eDrWvpTWylhZHJS8ZNpTjBXja-cmEQkvoEtz5RvcYzSuH7JTEWesqsjS8KfI_7K1YZaENwK9v60_LlVZffWyyQNfLM8Sjj_jYcuQ5SICNlZHlMPfIt57ZrNPf70JAtdyBKUw2NBwtT0r_JzmMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJuQPFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEvQFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy5TNtR3K6e_e5klBWgtL-TLj2wJQkfTcM2oICXXFif4Uqxz4wZdlWAeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZjZkgXIK2umW90hS8S9y8vpUnpQ%26client%3Dca-pub-1114993438075446%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

30a60139abb01553fd041ccfcbcb62188f59a707f3bfd0a7ff16cb8778eb9bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=m0Cf1ufBuaEfJK2qS1ZvEqaxLbgZE466y89gITfeflbavWGX5FFVyFN2s8lV913bozklXsUSccT-NgJdqrG5z5TDUdoGIr8s3iMenGwM1CaHsrxlWfs8-bdCK3eNv7LdU4SFgUEDZYNDONX2RFD6rk9iBIZogHyl8puqpDZEweeRY2SkOUffDHdutfHFheGGwuV2KhBlCl46aDLuDfAweBDtoqPxKMLWHqsmCeodrUh0MsL5y9AhKcVU2BekkHfOPRCf7w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56699459
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 51D8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee948999d7a5980b5cff3d1ecafa108b2bf269cc6ba176371d33b68cf708a3ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 150 KB
51 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

402edc8c38022859e86435a8f21b371a9416c56a352ed6e37da324b5c7aa9dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52336
x-xss-protection: 0
server: cafe
etag: 8118607634254182052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 07:41:10 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DE9D 2 KB
1 KB 146ms
57ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw&u=%7CC9Tf4TZdwEnI8W8Al90nkAjrjc3ajGDdL%2FE7EZHatv0%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGNpto_MXuDqKOROXOwHnusQPczbSGC8MrIeJIakerMV1XAT5JqIgiDbApLvhgEMTeyu2C99dOThg_KWRSO5upl7eGC9KwaGrW94hy4PAzVqC4yglSYoqeQtWn3iU_lSopcrjj-8zBLorCZCSuw-C9pU6KtDO_u7sbUBswaGizFmWCvmGEsEPPIyPG-wRoXTec-K2_AmYa7LfPJp83fo--5Gxm4eEJRFvYupGAhVnk-LNL0cbM9tmCjCKX8EQC3R48Mth0b-KvyDpWKdH9BnzwPuFRXz2aiDVWVZLeTk3XJm0n6gSufX_XEB51RWF16H8hvc_eicgRVowFZHHrdfTIf17fCYeAs4VlLdyEgl14FV0QLIx1ZNtvnKAIn30NyZII4p_ogEKVLrAf9CAoCerdVilV3dGCxylxmbH2eDrWvpTWylhZHJS8ZNpTjBXja-cmEQkvoEtz5RvcYzSuH7JTEWesqsjS8KfI_7K1YZaENwK9v60_LlVZffWyyQNfLM8Sjj_jYcuQ5SICNlZHlMPfIt57ZrNPf70JAtdyBKUw2NBwtT0r_JzmMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJuQPFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEvQFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy5TNtR3K6e_e5klBWgtL-TLj2wJQkfTcM2oICXXFif4Uqxz4wZdlWAeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZjZkgXIK2umW90hS8S9y8vpUnpQ%26client%3Dca-pub-1114993438075446%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 07:41:10 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame DE9D 2 KB
1 KB 150ms
62ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 07:41:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DE9D 308 B
636 B 46ms
45ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 01 Dec 2023 07:41:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DE9D 293 B
621 B 44ms
43ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 01 Dec 2023 07:41:10 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame DE9D 2 KB
1 KB 231ms
52ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=680x280
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw&u=%7CC9Tf4TZdwEnI8W8Al90nkAjrjc3ajGDdL%2FE7EZHatv0%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGNpto_MXuDqKOROXOwHnusQPczbSGC8MrIeJIakerMV1XAT5JqIgiDbApLvhgEMTeyu2C99dOThg_KWRSO5upl7eGC9KwaGrW94hy4PAzVqC4yglSYoqeQtWn3iU_lSopcrjj-8zBLorCZCSuw-C9pU6KtDO_u7sbUBswaGizFmWCvmGEsEPPIyPG-wRoXTec-K2_AmYa7LfPJp83fo--5Gxm4eEJRFvYupGAhVnk-LNL0cbM9tmCjCKX8EQC3R48Mth0b-KvyDpWKdH9BnzwPuFRXz2aiDVWVZLeTk3XJm0n6gSufX_XEB51RWF16H8hvc_eicgRVowFZHHrdfTIf17fCYeAs4VlLdyEgl14FV0QLIx1ZNtvnKAIn30NyZII4p_ogEKVLrAf9CAoCerdVilV3dGCxylxmbH2eDrWvpTWylhZHJS8ZNpTjBXja-cmEQkvoEtz5RvcYzSuH7JTEWesqsjS8KfI_7K1YZaENwK9v60_LlVZffWyyQNfLM8Sjj_jYcuQ5SICNlZHlMPfIt57ZrNPf70JAtdyBKUw2NBwtT0r_JzmMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJuQPFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEvQFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy5TNtR3K6e_e5klBWgtL-TLj2wJQkfTcM2oICXXFif4Uqxz4wZdlWAeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZjZkgXIK2umW90hS8S9y8vpUnpQ%26client%3Dca-pub-1114993438075446%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 07:41:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:55:21 GMT
Server: Microsoft-IIS/10.0
ETag: "42b02eb945ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame DE9D 8 KB
4 KB 248ms
69ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw&u=%7CC9Tf4TZdwEnI8W8Al90nkAjrjc3ajGDdL%2FE7EZHatv0%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGNpto_MXuDqKOROXOwHnusQPczbSGC8MrIeJIakerMV1XAT5JqIgiDbApLvhgEMTeyu2C99dOThg_KWRSO5upl7eGC9KwaGrW94hy4PAzVqC4yglSYoqeQtWn3iU_lSopcrjj-8zBLorCZCSuw-C9pU6KtDO_u7sbUBswaGizFmWCvmGEsEPPIyPG-wRoXTec-K2_AmYa7LfPJp83fo--5Gxm4eEJRFvYupGAhVnk-LNL0cbM9tmCjCKX8EQC3R48Mth0b-KvyDpWKdH9BnzwPuFRXz2aiDVWVZLeTk3XJm0n6gSufX_XEB51RWF16H8hvc_eicgRVowFZHHrdfTIf17fCYeAs4VlLdyEgl14FV0QLIx1ZNtvnKAIn30NyZII4p_ogEKVLrAf9CAoCerdVilV3dGCxylxmbH2eDrWvpTWylhZHJS8ZNpTjBXja-cmEQkvoEtz5RvcYzSuH7JTEWesqsjS8KfI_7K1YZaENwK9v60_LlVZffWyyQNfLM8Sjj_jYcuQ5SICNlZHlMPfIt57ZrNPf70JAtdyBKUw2NBwtT0r_JzmMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJuQPFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEvQFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy5TNtR3K6e_e5klBWgtL-TLj2wJQkfTcM2oICXXFif4Uqxz4wZdlWAeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZjZkgXIK2umW90hS8S9y8vpUnpQ%26client%3Dca-pub-1114993438075446%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 11651cdf189794c835c1f3c975716a3c3c355a6a87f369c865a55fb0a68e1e9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 07:41:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 15:41:28 GMT
Server: Microsoft-IIS/10.0
ETag: "08414ac08d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame DE9D 43 B
348 B 209ms
49ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=V87SMcal2szQIPBKfCmByVFNlJqrF4oCwMwM2TQxOs46J4pls_L9lJzHa55w_K3uBhapc8Kb8DHxBaFDdiAATn6rv9sXCVlqE7s9ZsztM2YJx0U0XZjFl02VYQIUZeto4xL7OfBsKFtF6eesJIB9VEtrxI_OcvoICArEIAKmzrdJuac_h0yP8r3HNxjFtWYpFT5tyG46E3-flAh6y9YbrnGcZTV1HgHuv7kc2LwWDKqO57ruyDJj-57GkE8Lc-z8ZnjSYsb_lGwPTVTadaz0221hzaI0odPRghgi5g26sqT2nTxoDbBaccxYjPle_sVfCy1VRBlKvqyzKQ-Jb7sbxdgjJrlSHBRXLirr9TrI9w-T8HFtluiqAtqsdgTRD1KC5Atec8_D04VjTAUwXIPZvpP6-JqbbS0gxyZWslyVxtr5ksXp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3512220
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

B28205461.342025052;dc_pre=CJa0-uu-5PsCFQoPaAgdktUKpw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=638ef215b9de1dc96390d4862b6df675;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame DE9D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=638ef215b9de1dc96390d4862b6df675;dc_lat=;dc_rdid=;tag_for_child_directe...
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJa0-uu-5PsCFQoPaAgdktUKpw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=638ef215b9de1dc96390d4862b6df675;dc_l...

42 B
63 B

180ms
83ms

Image
image/gif

142.251.40.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJa0-uu-5PsCFQoPaAgdktUKpw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=638ef215b9de1dc96390d4862b6df675;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.251.40.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJa0-uu-5PsCFQoPaAgdktUKpw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=638ef215b9de1dc96390d4862b6df675;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame DE9D 43 B
581 B 205ms
48ms Image
image/gif 2600:9000:21da:2600:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=638ef215b9de1dc96390d4862b6df675&col=308271,0,0,0,11120203,638ef215b9de1dc96390d4862b6df675
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw&u=%7CC9Tf4TZdwEnI8W8Al90nkAjrjc3ajGDdL%2FE7EZHatv0%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGNpto_MXuDqKOROXOwHnusQPczbSGC8MrIeJIakerMV1XAT5JqIgiDbApLvhgEMTeyu2C99dOThg_KWRSO5upl7eGC9KwaGrW94hy4PAzVqC4yglSYoqeQtWn3iU_lSopcrjj-8zBLorCZCSuw-C9pU6KtDO_u7sbUBswaGizFmWCvmGEsEPPIyPG-wRoXTec-K2_AmYa7LfPJp83fo--5Gxm4eEJRFvYupGAhVnk-LNL0cbM9tmCjCKX8EQC3R48Mth0b-KvyDpWKdH9BnzwPuFRXz2aiDVWVZLeTk3XJm0n6gSufX_XEB51RWF16H8hvc_eicgRVowFZHHrdfTIf17fCYeAs4VlLdyEgl14FV0QLIx1ZNtvnKAIn30NyZII4p_ogEKVLrAf9CAoCerdVilV3dGCxylxmbH2eDrWvpTWylhZHJS8ZNpTjBXja-cmEQkvoEtz5RvcYzSuH7JTEWesqsjS8KfI_7K1YZaENwK9v60_LlVZffWyyQNfLM8Sjj_jYcuQ5SICNlZHlMPfIt57ZrNPf70JAtdyBKUw2NBwtT0r_JzmMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJuQPFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEvQFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy5TNtR3K6e_e5klBWgtL-TLj2wJQkfTcM2oICXXFif4Uqxz4wZdlWAeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZjZkgXIK2umW90hS8S9y8vpUnpQ%26client%3Dca-pub-1114993438075446%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:2600:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:10 GMT
via: 1.1 959ac13ef19fa38a0d3684985f996ffc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: niwZHcZ2kJIEvWpcNJTXQUiGdyb1rme-pkzQPHAIdtuYZ5tchBgTMw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 6548e2693f53f59daa3961d0dd1d6f1f.js Show response
www.gstatic.com/mysidia/ Frame 6BD3 9 KB
4 KB 154ms
43ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=350&slotname=4600533562&adk=1857923861&adf=1839787983&pi=t.ma~as.4600533562&w=350&lmt=1670309262&format=350x350&url=https%3A%2F%2Ftorgi.24bank.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467521&bpp=9&bdt=1158&idt=2350&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5dc03ef8b3c303c-2226593fded80004%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MZ4TMZEFVUQ6TvGRED8j98GGlAmjw&gpic=UID%3D000008c68ff8c63b%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MbzwJ-q2UsJ5bZECrCSuoJc1hZBug&prev_fmts=300x600%2C0x0%2C680x280&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HRYES37ztl&p=https%3A//torgi.24bank.su&dtd=2401

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71a8be1afe6e03fc91ef705cffaf7f3058159e8d86b7adb9d78a56cd7f18f577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 11:05:45 GMT

GET
H3 200 f0156226f42e7531bee21bb5db76ddd9.js Show response
www.gstatic.com/mysidia/ Frame 6BD3 10 KB
4 KB 166ms
56ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f0156226f42e7531bee21bb5db76ddd9.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ef0f986562179606b8f3039f367ef2ea5d24ba0e6d3bdbab8406a3845cb9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 20:27:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6BD3 8 KB
895 B 108ms
103ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 07:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 06:21:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 07:41:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6BD3 2 KB
765 B 53ms
51ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 6BD3 23 KB
9 KB 55ms
51ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6BD3 3 KB
1 KB 52ms
50ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6BD3 18 KB
7 KB 100ms
95ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6BD3 0
0 168ms
58ms Image
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeyUvkRDJktzsH7dzfZ-RvQazBdjPSDBFQJG0dGJw-B_N5MBtGfZM-N-myePtiYt_RibtiqncI16KFOpwtULRV9r-hPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=350&slotname=4600533562&adk=1857923861&adf=1839787983&pi=t.ma~as.4600533562&w=350&lmt=1670309262&format=350x350&url=https%3A%2F%2Ftorgi.24bank.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467521&bpp=9&bdt=1158&idt=2350&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5dc03ef8b3c303c-2226593fded80004%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MZ4TMZEFVUQ6TvGRED8j98GGlAmjw&gpic=UID%3D000008c68ff8c63b%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MbzwJ-q2UsJ5bZECrCSuoJc1hZBug&prev_fmts=300x600%2C0x0%2C680x280&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HRYES37ztl&p=https%3A//torgi.24bank.su&dtd=2401
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BD3 153 KB
47 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 07:41:11 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 6BD3 34 KB
14 KB 55ms
54ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 19:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 19:43:44 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 51D8 28 KB
28 KB 156ms
52ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 471994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:34:36 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/65105596/
Redirect Chain

https://mc.yandex.com/watch/65105596?wmode=7&page-url=https%3A%2F%2Ftorgi.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A2388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
https://mc.yandex.com/watch/65105596/1?wmode=7&page-url=https%3A%2F%2Ftorgi.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A2388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...

454 B
639 B

167ms
166ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/65105596/1?wmode=7&page-url=https%3A%2F%2Ftorgi.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A2388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A423419665829%3Ahid%3A257440611%3Az%3A0%3Ai%3A20221206074109%3Aet%3A1670312470%3Ac%3A1%3Arn%3A311832092%3Arqn%3A1%3Au%3A1670312470955277002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A15%2C284%2C262%2C2%2C930%2C0%2C%2C748%2C75%2C%2C%2C%2C2285%3Aco%3A0%3Acpf%3A1%3Ans%3A1670312464828%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670312471%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%B8%20%D0%B3%D0%BE%D0%B2%20%D1%80%D1%83%20-%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%2C%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%20%D0%B2%20%D0%A0%D0%A4.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3f129799b8a223f963c12acb0c65967cc9f7f6131fe6cac784f32c6de47c3274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 06-Dec-2022 07:41:11 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://torgi.24bank.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 07:41:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:10 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 07:41:10 GMT
location: /watch/65105596/1?wmode=7&page-url=https%3A%2F%2Ftorgi.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A2388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A423419665829%3Ahid%3A257440611%3Az%3A0%3Ai%3A20221206074109%3Aet%3A1670312470%3Ac%3A1%3Arn%3A311832092%3Arqn%3A1%3Au%3A1670312470955277002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A15%2C284%2C262%2C2%2C930%2C0%2C%2C748%2C75%2C%2C%2C%2C2285%3Aco%3A0%3Acpf%3A1%3Ans%3A1670312464828%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670312471%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%B8%20%D0%B3%D0%BE%D0%B2%20%D1%80%D1%83%20-%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%2C%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%20%D0%B2%20%D0%A0%D0%A4.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://torgi.24bank.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 07:41:10 GMT

GET
DATA 200
OK truncated
/ Frame 1863 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c8e33331b87f18b32c3a0e663605ae1928f974281f7f94852534469d7fb9f87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 182ms
74ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=torgi.24bank.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame 77F5 10 KB
4 KB 62ms
40ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:25:49 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 00:25:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame CEAE 10 KB
4 KB 68ms
47ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:25:49 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 00:25:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8ED4 36 KB
15 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 05:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 05:20:44 GMT

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame DE9D 59 KB
19 KB 55ms
54ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=680x280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 07:41:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BD3 0
0 83ms
82ms Fetch
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY9jAFvKOY9-eBJ2OvPIPvuG12Amb9rO0WuWX5PzWCLCQHxABILS4_iJgybajiPCj7BKgAYL5_egDyAEBqAMByAPLBKoExgFP0D4rAYZrK8j2UxEDzZHJgCVmZQ6prf7CVzAAR1uMBI_I2r4qTz8r4wz9N0c-g6W7xuFC0IjN5_ANEkcPhcIU8Zb9qZVBz0h0BRBG_4wnei0FZDhi7th6tL2jMdJ9sH99nonQfXyAY8v_KcF25O3v57u8YX7COiKsy5Wl8z2rAtLJajsii0ZmK0lquEr2_Q2qRsctqi0dpDG00v-Cr_hnZ8AybS1UGzI6GNeYWOJEgMIpWgt8AO3ypC3PFAfKk00eLnxpbJPABI7KvLFGkgUECAQYAZIFBAgFGASAB-aGgheoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD0rHrSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItMTExNDk5MzQzODA3NTQ0NhgA&sigh=jplaYZbTDBY&uach_m=[UACH]&cid=CAQSPADq26N9xnjpSf35l1ERm6K-e8lNy9yTIBKWx7JGY_XONMYrPkKGuF2q0a3gYoz2kYCaWCirf8MOnBHWORgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=350&slotname=4600533562&adk=1857923861&adf=1839787983&pi=t.ma~as.4600533562&w=350&lmt=1670309262&format=350x350&url=https%3A%2F%2Ftorgi.24bank.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467521&bpp=9&bdt=1158&idt=2350&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5dc03ef8b3c303c-2226593fded80004%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MZ4TMZEFVUQ6TvGRED8j98GGlAmjw&gpic=UID%3D000008c68ff8c63b%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MbzwJ-q2UsJ5bZECrCSuoJc1hZBug&prev_fmts=300x600%2C0x0%2C680x280&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HRYES37ztl&p=https%3A//torgi.24bank.su&dtd=2401
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 07:41:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BFB 143 B
166 B 52ms
41ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=350&slotname=4600533562&adk=1857923861&adf=1839787983&pi=t.ma~as.4600533562&w=350&lmt=1670309262&format=350x350&url=https%3A%2F%2Ftorgi.24bank.su%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467521&bpp=9&bdt=1158&idt=2350&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5dc03ef8b3c303c-2226593fded80004%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MZ4TMZEFVUQ6TvGRED8j98GGlAmjw&gpic=UID%3D000008c68ff8c63b%3AT%3D1670312469%3ART%3D1670312469%3AS%3DALNI_MbzwJ-q2UsJ5bZECrCSuoJc1hZBug&prev_fmts=300x600%2C0x0%2C680x280&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HRYES37ztl&p=https%3A//torgi.24bank.su&dtd=2401
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B0B6 1 KB
643 B 48ms
42ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 66130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 13:19:01 GMT
etag: 48472445140208031
expires: Tue, 06 Dec 2022 13:19:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BD3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff778e3b5411f32fb5a4491f9372c0f1d82f4c79d91f0c3b0ea04be5c7456d5c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 77F5 4 KB
636 B 146ms
126ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 07:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 07:28:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 07:41:11 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77F5 205 B
229 B 99ms
42ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 23:34:17 GMT
x-content-type-options: nosniff
age: 115614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Dec 2023 23:34:17 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77F5 604 B
628 B 100ms
44ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 20:26:40 GMT
x-content-type-options: nosniff
age: 126871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Dec 2023 20:26:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 77F5 19 KB
8 KB 133ms
77ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 77F5 13 KB
6 KB 138ms
78ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

544612813965186215221cc3d4a908a50dd459e4b62f59cdd2a31aec55e120dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 10:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
server: cafe
etag: 5540947809271654929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 10:49:46 GMT

GET
H3 200 6548e2693f53f59daa3961d0dd1d6f1f.js Show response
www.gstatic.com/mysidia/ Frame CEAE 9 KB
4 KB 136ms
92ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71a8be1afe6e03fc91ef705cffaf7f3058159e8d86b7adb9d78a56cd7f18f577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 11:05:45 GMT

GET
H3 200 f0156226f42e7531bee21bb5db76ddd9.js Show response
www.gstatic.com/mysidia/ Frame CEAE 10 KB
4 KB 138ms
94ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f0156226f42e7531bee21bb5db76ddd9.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ef0f986562179606b8f3039f367ef2ea5d24ba0e6d3bdbab8406a3845cb9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 20:27:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CEAE 8 KB
895 B 150ms
107ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 07:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 06:20:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 07:41:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame CEAE 2 KB
765 B 168ms
125ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame CEAE 23 KB
9 KB 156ms
113ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame CEAE 3 KB
1 KB 178ms
134ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame CEAE 18 KB
7 KB 165ms
121ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEAE 153 KB
47 KB 106ms
97ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 07:41:11 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame CEAE 34 KB
14 KB 154ms
146ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 19:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 19:43:44 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame DE9D 443 B
549 B 215ms
54ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_533811229680&jsTagObjCallback=__tagObject_callback_533811229680&num=6&ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&advid=&adsrv=&unit=680x280&isdvvid=&uid=533811229680&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=108&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauE%40C8%3A%5Dac32%3F%3C%5DDFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&dvp_exetime=39.40&callbackName=__verify_callback_533811229680
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: cf1bbb1e3964868a43d94938082fed4e57658b7aeaa7732f2443eac0fab098d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 07:41:11 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 12/05/2022 07:41:11

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0B6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIkl-MH0JbNSTCS2E3ZgMpM&google_cver=1&google_push=ASkJ3Fbh-lKN66oNxzDVUwoGK1y7A7F4xFV3TtAm88RIbzwhVlD_jrW9EEqwFnrT9A8DSGwTudE-p1i4o5BIIA7ii9Enxqt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbh-lKN66oNxzDVUwoGK1y7A7F4xFV3TtAm88RIbzwhVlD_jrW9EEqwFnrT9A8DSGwTudE-p1i4o5BIIA7ii9Enxqt3QIJRVXhk&google_hm=eS1nbi5TUld0RTJwRU...

170 B
188 B

202ms
86ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbh-lKN66oNxzDVUwoGK1y7A7F4xFV3TtAm88RIbzwhVlD_jrW9EEqwFnrT9A8DSGwTudE-p1i4o5BIIA7ii9Enxqt3QIJRVXhk&google_hm=eS1nbi5TUld0RTJwRUtkWFFWQl83cHdDMF80MENyRkxVT35B

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 06 Dec 2022 07:41:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbh-lKN66oNxzDVUwoGK1y7A7F4xFV3TtAm88RIbzwhVlD_jrW9EEqwFnrT9A8DSGwTudE-p1i4o5BIIA7ii9Enxqt3QIJRVXhk&google_hm=eS1nbi5TUld0RTJwRUtkWFFWQl83cHdDMF80MENyRkxVT35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0B6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP4RmlR2p5tpC94G68juy4Y&google_cver=1&google_push=ASkJ3FYVaBB7sXZhTOxIXjTE1T5pCo3IKM0qkCEM3X4y1EF1rjM1VatZ2hCK12853e8IoK6BZi3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCV1g0ODQtMUEtNFpVVg==&google_push=ASkJ3FYVaBB7sXZhTOxIXjTE1T5pCo3IKM0qkCEM3X4y1EF1rjM1VatZ2hCK12853e8IoK6BZi3GbiIo70VtCNKx28ChoI7E0zANZX9C

170 B
188 B

193ms
77ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCV1g0ODQtMUEtNFpVVg==&google_push=ASkJ3FYVaBB7sXZhTOxIXjTE1T5pCo3IKM0qkCEM3X4y1EF1rjM1VatZ2hCK12853e8IoK6BZi3GbiIo70VtCNKx28ChoI7E0zANZX9C

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCV1g0ODQtMUEtNFpVVg==&google_push=ASkJ3FYVaBB7sXZhTOxIXjTE1T5pCo3IKM0qkCEM3X4y1EF1rjM1VatZ2hCK12853e8IoK6BZi3GbiIo70VtCNKx28ChoI7E0zANZX9C
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ace9692b4e77bdf741ff63add80edaca
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0B6
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEINvoQ6mphHJFSf6YapFlTI&google_cver=1&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5H...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEINvoQ6mphHJFSf6YapFlTI&google_cver=1&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5H...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5HuMFGyQYSXAZTtg&google_hm=FxQNiGZH2GqhBA6BReu...

170 B
188 B

75ms
75ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5HuMFGyQYSXAZTtg&google_hm=FxQNiGZH2GqhBA6BReub4-LH

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 06 Dec 2022 07:41:12 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYZAHjWB4z6zziaP6BtC8hJY-k_Mkc4NchanDp63E27FV0X7e7RNahPjs45rF9kRh3cM1svGPZaU7gLUlf5HuMFGyQYSXAZTtg&google_hm=FxQNiGZH2GqhBA6BReub4-LH
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0B6
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEP-ijIspSDfHCkgaD7-kZc8&google_cver=1&google_push=ASkJ3FZgIiRwnF00YOLpWOy8OdwkncNt8FWzpBlIOC3sDVT9fGGAAGj7WyxjQygw7v2ujUE9un8uGbNnygdT...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhOZhr4Z_Qh2rTry2Y_m76GAQDjfXaTLokg&google_push=ASkJ3FZgIiRwnF00YOLpWOy8OdwkncNt8FWzpBlIOC3sDVT9fGGAAGj7WyxjQygw7v2ujUE9un8uGbNnyg...

170 B
188 B

200ms
84ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhOZhr4Z_Qh2rTry2Y_m76GAQDjfXaTLokg&google_push=ASkJ3FZgIiRwnF00YOLpWOy8OdwkncNt8FWzpBlIOC3sDVT9fGGAAGj7WyxjQygw7v2ujUE9un8uGbNnygdTnXq58b82wb0Syyk2NFo

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhOZhr4Z_Qh2rTry2Y_m76GAQDjfXaTLokg&google_push=ASkJ3FZgIiRwnF00YOLpWOy8OdwkncNt8FWzpBlIOC3sDVT9fGGAAGj7WyxjQygw7v2ujUE9un8uGbNnygdTnXq58b82wb0Syyk2NFo
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0B6
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEDhRcl6yIgNbRJZgGEgN-OE&google_cver=1&google_push=ASkJ3FaLs9Zmm6E8ANCyohwcFeFEUbDb_VUGZJTWmSUTJLbLGG2JoeeiOaIX0rY8PIcQ7BHV6zKx2kVS-f7w_EB0RbQGsFCJCpN...
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaLs9Zmm6E8ANCyohwcFeFEUbDb_VUGZJTWmSUTJLbLGG2JoeeiOaIX0rY8PIcQ7BHV6zKx2kVS-f7w_EB0RbQGsFCJCpN0Rzfu&google_hm=ZzQ5MDc4N2NlMjc1...

170 B
188 B

201ms
87ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaLs9Zmm6E8ANCyohwcFeFEUbDb_VUGZJTWmSUTJLbLGG2JoeeiOaIX0rY8PIcQ7BHV6zKx2kVS-f7w_EB0RbQGsFCJCpN0Rzfu&google_hm=ZzQ5MDc4N2NlMjc1NTY0Nzc4Yjk=

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:12 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaLs9Zmm6E8ANCyohwcFeFEUbDb_VUGZJTWmSUTJLbLGG2JoeeiOaIX0rY8PIcQ7BHV6zKx2kVS-f7w_EB0RbQGsFCJCpN0Rzfu&google_hm=ZzQ5MDc4N2NlMjc1NTY0Nzc4Yjk=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0B6
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEOr9RNplW7oXYD7bEXN84MY&google_cver=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-YJAGsPRWi5wHLe3cHIybz7...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEOr9RNplW7oXYD7bEXN84MY&google_cver=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-YJAGsPRWi5wHLe3c...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=oC8XUC0PRbW2dqErLbykwg==&no_redirect=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-...

170 B
188 B

78ms
78ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=oC8XUC0PRbW2dqErLbykwg==&no_redirect=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-YJAGsPRWi5wHLe3cHIybz7rHId8x6TetaQqVFv16gw6B_FgvZ0vg

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=oC8XUC0PRbW2dqErLbykwg==&no_redirect=1&google_push=ASkJ3FY-Ffyc2iverFfuyMmJpY_wgeEGaWdTR_NDczxv5GSSN4iQJ-YJAGsPRWi5wHLe3cHIybz7rHId8x6TetaQqVFv16gw6B_FgvZ0vg
date: Tue, 06 Dec 2022 07:41:12 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0B6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED3q-Zabhwn1_CZogr-P9qc&google_cver=1&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaAOuWf0dsN1LQeI30Lu...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED3q-Zabhwn1_CZogr-P9qc&google_cver=1&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaAOuWf0dsN1LQeI30Lu...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RVFaUHA5RTJ1SHRzeDlVRFNRVWFiMjh6QWVZS2dtX35B&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaA...

170 B
188 B

77ms
76ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RVFaUHA5RTJ1SHRzeDlVRFNRVWFiMjh6QWVZS2dtX35B&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaAOuWf0dsN1LQeI30Luwyi7yGbXvY4I0RQ1JeoD8zJ3LiRcMaog

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RVFaUHA5RTJ1SHRzeDlVRFNRVWFiMjh6QWVZS2dtX35B&google_push=ASkJ3FbnrUHuxnleHTaPUVK6afb9oK5Kf_n_wETFApHLstM2o-2mWreaAOuWf0dsN1LQeI30Luwyi7yGbXvY4I0RQ1JeoD8zJ3LiRcMaog
date: Tue, 06 Dec 2022 07:41:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B0B6 0
232 B 209ms
65ms Image
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3S7t1E2bDYHX8B7I7k6ZGQuW8biPGm1hXfrGP3Rm53wNMIVUqE4GrI6Bi2FzwJ0G8vseyo40

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1863 42 B
64 B 216ms
105ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLA-_6xQrZ1HUt-tG5vUg0Z1qoEY0AQR9KulMxBCajPLAQsM9p4q3KHgCbgO4EL0bKxsSQ2l5n6u5XpDaGiNwP6W0&sig=Cg0ArKJSzHPV9CngW4CQEAE&id=lidar2&mcvt=1451&p=0,0,280,680&mtos=1451,1451,1451,1451,1451&tos=1451,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1940793308&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670312469573&rpt=1254&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 51D8 42 B
64 B 149ms
107ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvo6JTicqD9GtvPEh-KxEzzw4pUs7RvZMeaN2etwtkJ1sMCTGadN4fLx86mqOoJs73C4btUqkceN_P_zsvy_CKuKYW5uYAE1DdvfCSwNEt8tUKAysTXHyJz1RXhIvm0yXlkfrY&sai=AMfl-YRMt5x5z0zN_FLpxS81ujxy3g6lDQDynunRHbYpl1kq6Yvl_yvHazRCaqr-X_MY9u4YtCTiJjV62IZMdXo&sig=Cg0ArKJSzFUjJArCMV6uEAE&cid=CAQSGwDq26N9VtcPRJp63n3AQRR2N_sPQNWg05FCiBgBIBM&id=lidar2&mcvt=1226&p=0,0,600,300&mtos=0,0,1226,1226,1226&tos=0,0,1226,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=3756833032&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670312469187&rpt=1891&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BFB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

107ms
83ms

Document
text/html

2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:12 GMT
expires: Tue, 06 Dec 2022 07:41:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 37CD 8 KB
895 B 112ms
110ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 07:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 06:18:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 07:41:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 37CD 2 KB
765 B 47ms
46ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 37CD 23 KB
9 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 37CD 3 KB
1 KB 56ms
55ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 37CD 18 KB
7 KB 90ms
88ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37CD 153 KB
47 KB 138ms
137ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 07:41:12 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 37CD 34 KB
14 KB 98ms
90ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 19:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 19:43:44 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6BD3 28 KB
28 KB 124ms
43ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 471996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:34:36 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame DE9D 0
229 B 156ms
69ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=241cc59f1a414ba68f602e51dd77a7f8&vfdur=219&cbust=1670312472630499
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 06 Dec 2022 07:41:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 12/05/2022 07:41:12

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8613947210465666894/ Frame CEAE 1 KB
1 KB 56ms
44ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8613947210465666894/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c48405cd099aeaefe68cbb972e3fd9e46fae50a6f75cffd3b84814e24cc744ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 02:33:17 GMT
x-content-type-options: nosniff
age: 450475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1456
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 18:50:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 02:33:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CEAE 0
0 127ms
78ms Fetch
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_c0KFfKOY-iGI_SNvPIP8Kq20Ar6l5bgbYWCgsXyEMCNtwEQASC0uP4iYMm2o4jwo-wSoAGjte74KMgBAakCp2s6W0KbsT6oAwGqBMMBT9BRmrwtnDkih2ZoZu8qBKyc9G-cybI7CaPTBgr9i-soxnkgDs5OiSEhyEsDcUhH5pVu8exD4wmLx2aJ-i6rboivUcdk1yeC57D-y3kCR2DSx0kouDP7871BE131p07EF0yNZqcmomr-Kp-W5sc2x30sDnyWpx2jx23skZOEdAh8bV3GRS5ghjPSfgyZ2-l-OP6yTZVQ4vvyjD48yDzEIK0TUUQghHpAqbL3PGnDYysG-L7VYdlRJ04hKwu--A3tFeQ-wASl9eHwkgSSBQQIBBgBkgUECAUYBIAHo-2-2AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDe1gXSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMTExNDk5MzQzODA3NTQ0NhgA&sigh=SBObCZOLAOU&uach_m=[UACH]&cid=CAQSGwDq26N9UwXS1hiF5EJAsvZ91RsuJpS5iULJPRgBIBM&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 07:41:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A310 143 B
166 B 65ms
55ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 56
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CEAE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9537a1e17cc50bd9a50e6c493a8be8dd0cc6b1e0b9749839ad7e7f8d3f1b0c6d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements3304.js Show response
cdn.doubleverify.com/ Frame B3E7 552 KB
106 KB 46ms
45ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3304.js
Requested by: Host: torgi.24bank.su
URL: https://torgi.24bank.su/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2cb0a1c30d8a448f9280525d10b126a9c0ee058fa740cba84fba248f07a51612

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 07:41:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Dec 2022 12:19:26 GMT
Server: Microsoft-IIS/10.0
ETag: "05b64a6da7d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108124

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DE9D 12 KB
5 KB 93ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 388951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUFVUTWLh7B%2F3QBJnVoewelchbkSCo1gSYnaBCeKcAjM0m0g%2Feg5w3v%2F%2FmMmc%2BpQRPewnDIfBkGrvl%2FLeWcWsKfJ2%2FtqCfEu3Huw0SmlLfI6wKE9%2Bm7056j3uQei0wgcQQ5ICOM9M6P5LWSqSwcQQRYU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 775360bd688e2980-ORD
expires: Sun, 26 Nov 2023 07:41:13 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DE9D 12 KB
6 KB 39ms
39ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 07:41:13 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame DE9D 5 KB
6 KB 161ms
43ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2Fd5bb21879100431680b4588fceb6cd1e_logo_lightbg_horizontal.png&v=3&w=196&s=bfATsxTzblTqU08XAHK-yc-u

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

8d28cbde77423f882bf0826656dc20e8508ad3b3ec6c9e32ae0b2edb1c5c8f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=27548414
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5569
expires: Sat, 21 Oct 2023 04:01:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame DE9D 5 KB
5 KB 158ms
40ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F22307997_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=JfRUpQp7TnGevMKz6M394M4h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1cef82113325299470911c305330eca88f597def15841dc0d6e6264119706839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2210519
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4962
expires: Sat, 31 Dec 2022 21:43:13 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame DE9D 4 KB
5 KB 205ms
88ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F19495782_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qQBX0KexnaZveb_l3YgjFBtX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

036bbf2df21e3f901bafe789fff1cb665562a4f943e7fe3295eab62f674124c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1864398
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4574
expires: Tue, 27 Dec 2022 21:34:32 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame DE9D 10 KB
10 KB 187ms
70ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F21061481_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=EXO4xIBeaH4oxlPobMjJGd2a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

4f201545774a550c0003069e027c08041f61dab123347eee3fd8c92219187930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=389091
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10234
expires: Sat, 10 Dec 2022 19:46:04 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame DE9D 4 KB
5 KB 209ms
93ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F19782706_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=IThyYdrXnzfwIWqxbR38KxSF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

eb8f1b384c9809f2df5ecb7a53eea296f61565ed73356bf424b6c3554395b7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=979323
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4396
expires: Sat, 17 Dec 2022 15:43:16 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame DE9D 0
128 B 181ms
45ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=m0Cf1ufBuaEfJK2qS1ZvEqaxLbgZE466y89gITfeflbavWGX5FFVyFN2s8lV913bozklXsUSccT-NgJdqrG5z5TDUdoGIr8s3iMenGwM1CaHsrxlWfs8-bdCK3eNv7LdU4SFgUEDZYNDONX2RFD6rk9iBIZogHyl8puqpDZEweeRY2SkOUffDHdutfHFheGGwuV2KhBlCl46aDLuDfAweBDtoqPxKMLWHqsmCeodrUh0MsL5y9AhKcVU2BekkHfOPRCf7w&sds=2&rev=83862&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 07:41:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DE9D 2 KB
1 KB 39ms
39ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 07:41:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DE9D 2 KB
1 KB 39ms
39ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 07:41:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5354 143 B
166 B 42ms
40ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame BEA1 36 KB
15 KB 43ms
43ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 05:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 05:20:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A310
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

95ms
93ms

Document
text/html

2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:13 GMT
expires: Tue, 06 Dec 2022 07:41:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B3E7 724 B
720 B 181ms
81ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=640&ttfrms=91&brid=3&brver=108.0.5359.94&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauE%40C8%3A%5Dac32%3F%3C%5DDFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=442&ddur=378&uid=1670312473637685&jsCallback=dvCallback_1670312473637210&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.94%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=680&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3304&tgjsver=3304&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DY47yFQAJkwkITw4CAA1Kpb12QlSqJvhXrMawqw%26u%3D%257CC9Tf4TZdwEnI8W8Al90nkAjrjc3ajGDdL%252FE7EZHatv0%253D%257C%26c1%3DTUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGNpto_MXuDqKOROXOwHnusQPczbSGC8MrIeJIakerMV1XAT5JqIgiDbApLvhgEMTeyu2C99dOThg_KWRSO5upl7eGC9KwaGrW94hy4PAzVqC4yglSYoqeQtWn3iU_lSopcrjj-8zBLorCZCSuw-C9pU6KtDO_u7sbUBswaGizFmWCvmGEsEPPIyPG-wRoXTec-K2_AmYa7LfPJp83fo--5Gxm4eEJRFvYupGAhVnk-LNL0cbM9tmCjCKX8EQC3R48Mth0b-KvyDpWKdH9BnzwPuFRXz2aiDVWVZLeTk3XJm0n6gSufX_XEB51RWF16H8hvc_eicgRVowFZHHrdfTIf17fCYeAs4VlLdyEgl14FV0QLIx1ZNtvnKAIn30NyZII4p_ogEKVLrAf9CAoCerdVilV3dGCxylxmbH2eDrWvpTWylhZHJS8ZNpTjBXja-cmEQkvoEtz5RvcYzSuH7JTEWesqsjS8KfI_7K1YZaENwK9v60_LlVZffWyyQNfLM8Sjj_jYcuQ5SICNlZHlMPfIt57ZrNPf70JAtdyBKUw2NBwtT0r_JzmMA%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCJuQPFfKOY4mmJoKcvPIPpZW16Aycge-wXKqxqqp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTExNDk5MzQzODA3NTQ0NsgBCagDAaoEvQFP0GeB2I_b9lM0K1cyVov7nZ475HHgyhEdes4xzzdZsZ3CUFNthlm0AE0igz3MDq-vNdLjFNppLHk2GDJaLk1sHPHF8Q3Wc-2s9Eak5xXTrRsT5ussWUzIc3Ovk21yIDdId8zgiL20Oi7XACN_6h7oBYi4Mqam6rrTg4JxlQHeF5Y2_J9QUaP4mOOFOM0QBtUBjLJxy5TNtR3K6e_e5klBWgtL-TLj2wJQkfTcM2oICXXFif4Uqxz4wZdlWAeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ZjZkgXIK2umW90hS8S9y8vpUnpQ%2526client%253Dca-pub-1114993438075446%2526adurl%253D&fcifrms=7&brh=2&sdf=2&dvp_epl=250&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=28205461&sid=1340728&plc=342025052&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1723825509.0895169&dvp_tukv=286025982.1699651&dvp_uuid=1332361205.4196348&dvp_strhd=0.7999992370605469&dvpx_strhd=0.7999992370605469&dvp_tuid=57577912019&jurtd=209864228
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3304.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: ab9b493f53aefa06a29bc7b54e53dd360110f1e75a1c5512edbc7f6eec437ea8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 07:41:13 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 12/05/2022 07:41:13

GET
H3 200 css
fonts.googleapis.com/ Frame DE9D 4 KB
621 B 92ms
92ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 07:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 05:48:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 07:41:13 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5354
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

75ms
75ms

Document
text/html

2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:14 GMT
expires: Tue, 06 Dec 2022 07:41:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame B7CD 36 KB
15 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Host: torgi.24bank.su
URL: https://torgi.24bank.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 05:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 05:20:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BD3 42 B
64 B 109ms
109ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttOObrXErAX3Ps_Ejd39fZRF5VmV0gtLvgswVc69Ow5tOmI1ZK_423FfeuVjQD7aR2ryZugEtI6xHCGqvEYXEYY4oq1ipcgLUWb-ZazEUluKKqFgZacKuxgZ3N-8mCOfKdEvE&sai=AMfl-YQa5vCMZGWbtDEcdOOTH3pRktxzvxClYrw1lZnopk4l9tcuAT2rFufotj8QR_2rEEu9F_jLwbm3I7-Q2d6MgH4MYRFKLcb0p7dSEoOA4TLpGtYjvRQ2i4jpeqsTjAc&sig=Cg0ArKJSzDZYVugSzuCnEAE&cid=CAQSPADq26N9xnjpSf35l1ERm6K-e8lNy9yTIBKWx7JGY_XONMYrPkKGuF2q0a3gYoz2kYCaWCirf8MOnBHWORgBIBM&id=lidar2&mcvt=1089&p=0,0,350,350&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1857923861&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670312469933&rpt=3263&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DE9D 15 KB
15 KB 44ms
40ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 13:22:36 GMT
x-content-type-options: nosniff
age: 411518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 13:22:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DE9D 15 KB
16 KB 40ms
39ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 464980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 22:31:34 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CEAE 42 B
64 B 105ms
105ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBClPpIJu5QBuEJpNMYHzs88W0m71bBD8rJ82t4yRkrfNt4d7Axx3F3L_M-VOUg-eut5rF8KsylEyRy3a1ZZOq_wtak6sz_PHoPuumgLKaksDhOSFp5tzDlGf698vrgBhdIV8&sai=AMfl-YSs7dPMWJiEmyNP5sK74q_sl0gICFvQClYG02C50JjbA3NEBfyIJdNukL5Vdqn9jOrwT68wDYRs96wKnfE&sig=Cg0ArKJSzB34x7UaNTrdEAE&cid=CAQSGwDq26N9UwXS1hiF5EJAsvZ91RsuJpS5iULJPRgBIBM&id=lidar2&mcvt=1313&p=0,0,124,1005&mtos=1313,1313,1313,1313,1313&tos=1313,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670312471003&rpt=2384&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame DE9D 0
127 B 44ms
43ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 07:41:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 76ms
75ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12eb87e8af7c71759fc58164d209dfd744ce9fcc4c87e48c847a55bf8e82e551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11178
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 07:41:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38C9 13 KB
5 KB 42ms
41ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 43416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:37:39 GMT
expires: Tue, 05 Dec 2023 19:37:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C74E 783 B
534 B 60ms
59ms Document
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47d0d76e1b9a04575bc43642abe7b29fba0c7756d390ebeb26c7d4b6ab3ac86d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kKNy6ZrZnPY9_nDhBtJpng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://torgi.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-kKNy6ZrZnPY9_nDhBtJpng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:41:15 GMT
expires: Tue, 06 Dec 2022 07:41:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C74E 0
0 100ms
98ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=865887975208909&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame 38C9 36 KB
15 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 05:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 05:20:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 38C9 0
10 B 41ms
40ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PStXaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:41:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 107ms
106ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221129&jk=865887975208909&bg=!z8ylzIjNAAa7eOFIm3g7ACkAdvg8WroZ7cOF0ezEQXhWnqR8Nttq-iLJ3d6CsFQ2q56aK9mjAcXXZgIAAAKSUgAAAARoAQeZApyOYUD0KWBzLXqDy3io4DMxuSOfFj062VzB9I1Q7VYa_0fyAKzcBf-pA9G_aP30Lruksa3olH3wF0V_Ovz9RDfzwKlG3RXYxEIgnt0tnOur2D1aZMO2j3X9Ko8dJpJiOjmJQbiPxrpBRMGOU8NHXdpLv44_AaqlaNzmN48dUCvL9G2yFa4lzTV7LTQ1-gyx1oKXg7ZE7yMD1Qxcra8kLG-ezH67bourp_sMUUC4p97StnfaPhvaEJxgTlOWyV5UIO5jsUFT4ykuGBxrV03Rq3ESKJCZuHDMd3I4gMsbbFoojkhn3APoyQ-a_BLm9jBsb--i-aPua2oT0G-0xnCzSmmAZHa3LHMyJ_S27s8EYWxW3RtGKGlC4Rc0DH5KLHIU4tG1HsPy6tLNmM9y3FlAEtPmmSwFV1dATNiQxgmVxCAAtJsD-FVmUGqj38gVLIi8moqQDW1LSX5ONdl4f1O5Fr5Ce56sV4nqYWnWQ5ZREAiB3utOFUstfE0on1tjbCRZnvthTQvY8FHOiAqFZ2tIWGtLGKEYXEd9DKFQhFn0mWr2hqwImoGzoFKPwHb6NSEOzLylsAF9aFSsp87UeFhCAaotlSr3VKz9QoRW8LcNhv8h8wfbQ8ZjoJpC0dS5LwpKQkRSNFu82WwICc2s1UV4YW_XcgrVxX_56xh2_VBKkVmdvykQXYnyoE34XwcMN5pfF1fslAu_4M07SIzc8b0_YwU1KDSi_UCSHkkD47yk0qbzatfn5tNPmajfOCIFitJUkUHZ5UnSc-3A_fFDNzWIiiC9idsszoNxmT-Vv8dYnTAAh0YNQn9RgpI34MK8_uky8JdXATBT417CurBNEIjn1cdNyVawgIQtkzhLofFFROpZUoH01HWbDTh9IvvCqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame B3E7 0
229 B 140ms
64ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=b1d7283de61147de974250d6c16fe3a9&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=189&eoid=14&msrjs=3304&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=378&tetms=27&msltms=99&vltms=189&sei=289&vetms=548&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=328&msrcannum=3&ismms=124&isumms=123&nvr=6&elmtp=3&isbxdms=2928&b0=100&b11=2906&adhgt=280&adwdth=680&vsos=10&dvp_vsosnmr=16&lftb=3006&sftb=3006&msrdp=1&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=280&cwdth=680&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1272&isuiabvms=1272&ispmxpms=1272&engalms=122&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=1&metp=1&meeid=1&ttfurm=3883&cbust=1670312477439554
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3304.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 06 Dec 2022 07:41:17 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 12/05/2022 07:41:17

POST
H2 200 all
csm.us.criteo.net/ Frame DE9D 0
127 B 51ms
51ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 07:41:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 65105596
mc.yandex.com/watch/ 43 B
258 B 159ms
158ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/65105596?page-url=https%3A%2F%2Ftorgi.24bank.su%2F&charset=utf-8&hittoken=1670312471_a16503c50b14da2610a76e78890a9b07236fb7eb701564d5bd31976d11b76f90&browser-info=nb%3A1%3Acl%3A2001%3Aar%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A1%3Als%3A423419665829%3Ahid%3A257440611%3Az%3A0%3Ai%3A20221206074124%3Aet%3A1670312485%3Ac%3A1%3Arn%3A1001559650%3Arqn%3A2%3Au%3A1670312470955277002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C10011%2C10011%2C2%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1670312464828%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670312485&t=gdpr(14)clc(0-0-0)rqnt(2)lt(542200)aw(1)ecs(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://torgi.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 07:41:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 07:41:24 GMT
content-type: image/gif
access-control-allow-origin: https://torgi.24bank.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 07:41:24 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
torgi.24bank.su/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.24bank.su/	1970-01-20 16:44:08	Name: _ym_uid Value: 1670312470955277002
.24bank.su/	1970-01-20 16:44:08	Name: _ym_d Value: 1670312470
.24bank.su/	1970-01-20 17:20:08	Name: __gads Value: ID=c5dc03ef8b3c303c-2226593fded80004:T=1670312469:RT=1670312469:S=ALNI_MZ4TMZEFVUQ6TvGRED8j98GGlAmjw
.24bank.su/	1970-01-20 17:20:08	Name: __gpi Value: UID=000008c68ff8c63b:T=1670312469:RT=1670312469:S=ALNI_MbzwJ-q2UsJ5bZECrCSuoJc1hZBug
.mc.yandex.com/	1970-01-20 07:58:33	Name: sync_cookie_csrf Value: 699682882fake
.24bank.su/	1970-01-20 07:59:44	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 07:58:33	Name: sync_cookie_csrf Value: 3845637247fake
.doubleclick.net/	1970-01-20 17:34:32	Name: IDE Value: AHWqTUmO-HRQg38UcGTDH_pwi7X7tEtLRFqskT9nIj1oTQ7_4yHQR--OnHqw6r9PE4M
.agkn.com/	1970-01-20 16:44:08	Name: ab Value: 0001%3AFraeIhAP80QKPDDyXfC6jcD4P9RgNFF5
.agkn.com/	1970-01-20 16:44:08	Name: u Value: C\|0AAArIa6WKyGulgAAAAAA
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 822343121670312470
.yandex.com/	1970-01-20 17:34:32	Name: i Value: Tm5sYxNE1iLlqOGlV2PvciOlQ5zasMY8PdqBtzXZZDpYCf0rAEfgcoHFW+P8DFEnG71gfTS02XH1VP6dxL7/N1qtoaA=
.yandex.com/	1970-01-20 16:44:08	Name: yandexuid Value: 6722263661670312470
.yandex.com/	1970-01-20 16:44:08	Name: yuidss Value: 6722263661670312470
.lijit.com/	1970-01-20 16:44:08	Name: ljt_reader Value: FxQNiGZH2GqhBA6BReub4-LH
.onetag-sys.com/	1970-01-20 17:34:32	Name: OTP Value: vRbh0UMD_2tM6VFmZm445hZiJikcJXRkzVp1Fp3a1zc
.yahoo.com/	1970-01-20 16:44:30	Name: A3 Value: d=AQABBBjyjmMCEF5ya09mpIjgAHLCoaCZ0BsFEgEBAQFDkGOYYwAAAAAA_eMAAA&S=AQAAAhLINjbK7DlA3ZHlT4d0XGQ
.yieldmo.com/	1970-01-20 16:44:08	Name: yieldmo_id Value: g490787ce275564778b9%7C1670312472496%7C0%7C
.mfadsrvr.com/	1970-01-20 17:34:32	Name: tuuid Value: a02f1750-2d0f-45b5-b676-a12b2dbca4c2
.mfadsrvr.com/	1970-01-20 17:34:32	Name: c Value: 1670312472
.mfadsrvr.com/	1970-01-20 17:34:32	Name: tuuid_lu Value: 1670312472
.analytics.yahoo.com/	1970-01-20 16:44:08	Name: IDSYNC Value: 18yx~28ov
.doubleclick.net/	1970-01-20 07:58:36	Name: DSID Value: NO_DATA
.mfadsrvr.com/	1970-01-20 17:34:32	Name: ssh Value: !google,1670312472
.yandex.com/	1970-01-20 16:44:08	Name: ymex Value: 1701848470.yrts.1670312470#1701848470.yrtsi.1670312470

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=8148896336&adk=1940793308&adf=3240874266&pi=t.ma~as.8148896336&w=680&fwrn=4&fwrnh=100&lmt=1670309262&rafmt=1&format=680x280&url=https%3A%2F%2Ftorgi.24bank.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670312467505&bpp=3&bdt=1141&idt=2050&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C0x0&nras=1&correlator=4806985550821&frm=20&pv=1&ga_vid=1655330222.1670312469&ga_sid=1670312469&ga_hid=1928821683&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44774293&oid=2&pvsid=865887975208909&tmod=718035554&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=o9S3Qr8N3R&p=https%3A//torgi.24bank.su&dtd=2063 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9844.-wvj_qImex8GN94iAPKBxxNNp0DVzf1n0Zqmcshgyqvi0n6P4D0M7-oaHSXRJ7uhPq573ZwmMXuEuhQ5Z27_pJ3CzY5QWRenw6C7dIvcQyM%2C.t-ThDypZnlcOZWnJjCwqDMZXcIw%2C Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-1114993438075446&fa=1&ifi=7&uci=a!7&btvi=1&xpc=e9F0Gu2fDD&p=https%3A//torgi.24bank.su Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.us.criteo.com
ads.yieldmo.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
cat.va.us.criteo.com
cdn.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.us.criteo.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rtb.mfadsrvr.com
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
static.criteo.net
torgi.24bank.su
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.64.98
142.251.40.134
2600:141b:13::17d7:82a8
2600:1f18:4e9:5a07:9547:efa7:eb91:ca4b
2600:9000:21da:2600:19:fc2c:a140:93a1
2606:4700::6811:190e
2607:f8b0:4006:808::2004
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2003
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2a02:6b8::1:119
34.117.228.201
35.207.24.140
44.207.243.83
5.9.49.156
51.222.39.187
52.45.33.138
63.251.86.50
74.119.119.147
8.43.72.97
036bbf2df21e3f901bafe789fff1cb665562a4f943e7fe3295eab62f674124c7
044acf365f5269bc4439837d45427861c77a767ebf981ebc0ffbd2defb9420e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10c86b787eec802ee5cad865137e429228f7be0f15444e656e8ca84d933c3a46
11651cdf189794c835c1f3c975716a3c3c355a6a87f369c865a55fb0a68e1e9f
12eb87e8af7c71759fc58164d209dfd744ce9fcc4c87e48c847a55bf8e82e551
144b8063a39c65b33832453666ddb075b143ce3d1657462a428c6b4bbd8c372f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cef82113325299470911c305330eca88f597def15841dc0d6e6264119706839
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
2cb0a1c30d8a448f9280525d10b126a9c0ee058fa740cba84fba248f07a51612
30a60139abb01553fd041ccfcbcb62188f59a707f3bfd0a7ff16cb8778eb9bfe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3f129799b8a223f963c12acb0c65967cc9f7f6131fe6cac784f32c6de47c3274
402edc8c38022859e86435a8f21b371a9416c56a352ed6e37da324b5c7aa9dd7
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47d0d76e1b9a04575bc43642abe7b29fba0c7756d390ebeb26c7d4b6ab3ac86d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4adbe70708908c78758c9b5af8108a65d267410274a12027b9d80701cefa23cf
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f201545774a550c0003069e027c08041f61dab123347eee3fd8c92219187930
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
544612813965186215221cc3d4a908a50dd459e4b62f59cdd2a31aec55e120dd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8e33331b87f18b32c3a0e663605ae1928f974281f7f94852534469d7fb9f87
5e274242b762c1376fb04eb27bd3ce6049b2360051f855f8f390dd1c2ea940b9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668f1ea80e3be316d2776f4029b025be7693f85e267bcd9fb41e1a3845edf551
691f7a1f67bd20c14dc758e62ab8b8c19b662c53cddf24c28f2c93d772b5fc75
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
70ef0f986562179606b8f3039f367ef2ea5d24ba0e6d3bdbab8406a3845cb9ee
71a8be1afe6e03fc91ef705cffaf7f3058159e8d86b7adb9d78a56cd7f18f577
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
805437d8954df09d279395bd511ebc29e4ff428c01711ccf70eecb978d11a120
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8b6344f2665a7b4371ec997067b00b0ce20de0dfbcf965fbf756193e895b42d4
8d28cbde77423f882bf0826656dc20e8508ad3b3ec6c9e32ae0b2edb1c5c8f0c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93ad9b0790546ab49b6f39f670f8c1b28d9d9d0cae30a1eba26af674b95bef0a
94ba104db193c2499564e5f0a7f5940be631702e6a6c39c62d5c819aaaa5ab1f
9537a1e17cc50bd9a50e6c493a8be8dd0cc6b1e0b9749839ad7e7f8d3f1b0c6d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab9b493f53aefa06a29bc7b54e53dd360110f1e75a1c5512edbc7f6eec437ea8
ac2b20669220075902c20b3ad5d7f7de5741ba45fc955567e7b2e7661851531f
aff39d88899147448a202eaec769d27b78ab363f1db1d10c0c9b604d657b241d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b064d705efa1e0a021cef82d915e5ad5f5e7b61d34aaa01be78a48ee7d7e7a33
b0ed7256ad6c2f44037d68adcbc5139635d49f99b4fb4ae97876b3264bf714bf
b27bf8d902f81d740b7a03b8c6b6912ed1ed07260e9dc5664a0f1f1aef82f3d8
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e
b9b55eda4118e5fda9876af796e33d19cbb2661da9e0594f2d7837039f0e0ac1
c0c2669e5a08b8bb1a8575af711b0f94bf343e7a73b2409acde7adde9991cc31
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c297fc6b646ba245dda790aa12134d618e1cb2802ec13f9bbb1f1ac94a9a2cd6
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c48405cd099aeaefe68cbb972e3fd9e46fae50a6f75cffd3b84814e24cc744ad
cf1bbb1e3964868a43d94938082fed4e57658b7aeaa7732f2443eac0fab098d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
d48b9f955ab35e1e234952bdc193e1c3c9b2093bb8a499c897284f768c2181f7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb8f1b384c9809f2df5ecb7a53eea296f61565ed73356bf424b6c3554395b7a8
ee948999d7a5980b5cff3d1ecafa108b2bf269cc6ba176371d33b68cf708a3ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f37adda4018a13de4ffe08a27982d69603cb6e84c05d576f02ca5a7b68a6257a
f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fe2918c48c6d7f0724698b0c86f5f9574fdb0b1213a81e2820112b5abc27ab04
ff778e3b5411f32fb5a4491f9372c0f1d82f4c79d91f0c3b0ea04be5c7456d5c

torgi.24bank.su Open in urlscan Pro 5.9.49.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

94 %HTTPS

66 %IPv6

21 Domains

36 Subdomains

26 IPs

4 Countries

1705 kBTransfer

4562 kBSize

26 Cookies

4 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

torgi.24bank.su Open in urlscan Pro
5.9.49.156 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

94 %
HTTPS

66 %
IPv6

21
Domains

36
Subdomains

26
IPs

4
Countries

1705 kB
Transfer

4562 kB
Size

26
Cookies

155 HTTP transactions
6 data transactions