fakeoff.org Open in urlscan Pro
178.79.189.67 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Submission: On August 20 via manual (August 20th 2023, 9:03:12 am UTC) from PH — Scanned from GB

Summary HTTP 270 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 23 domains to perform 270 HTTP transactions. The main IP is 178.79.189.67, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is fakeoff.org.
TLS certificate: Issued by R3 on July 5th 2023. Valid for: 3 months.

This is the only time fakeoff.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	178.79.189.67 178.79.189.67	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3 14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
6	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
4	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
13	2600:9000:205... 2600:9000:2057:3800:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
34	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1 25	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
24	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 9	35.181.77.138 35.181.77.138	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
12	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	143.204.215.42 143.204.215.42	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	() ()
2	2a05:d018:d29... 2a05:d018:d29:3605:f821:c088:dfda:b5f7	() ()
1	3.71.149.231 3.71.149.231	() ()
2	95.101.149.233 95.101.149.233	() ()
1	151.101.193.44 151.101.193.44	() ()
270	38

49 178.79.189.67 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 4ad.biz

fakeoff.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

fakeoff.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2057:3800:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.181.77.138 (Paris, France) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com

cs.mytheresa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mix-phoenix.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:f821:c088:dfda:b5f7 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (None, )

ASN- ()

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	fakeoff.org fakeoff.org	533 KB
47	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1097 trc-events.taboola.com — Cisco Umbrella Rank: 2162 trc.taboola.com vidstat.taboola.com am-trc-events.taboola.com images.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com	1 MB
37	criteo.net static.criteo.net — Cisco Umbrella Rank: 710 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9104 csm.eu.criteo.net — Cisco Umbrella Rank: 8684	187 KB
37	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	473 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	212 KB
15	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 122	165 KB
14	disqus.com fakeoff.disqus.com disqus.com — Cisco Umbrella Rank: 1313 tempest.services.disqus.com — Cisco Umbrella Rank: 16374 referrer.disqus.com — Cisco Umbrella Rank: 7476 links.services.disqus.com — Cisco Umbrella Rank: 13330	75 KB
13	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 5196	325 KB
7	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8578 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10057 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15501	160 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	601 B
6	mytheresa.com 3 redirects cs.mytheresa.com — Cisco Umbrella Rank: 82701	6 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	339 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	5 KB
3	yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	976 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	15 KB
3	commander1.com 3 redirects mix-phoenix.commander1.com — Cisco Umbrella Rank: 207896	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	21 KB
2	rubiconproject.com eus.rubiconproject.com token.rubiconproject.com Failed	11 KB
2	adsrvr.org match.adsrvr.org	529 B
2	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 9492	776 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	79 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3164	361 B
270	23

	Domain	Requested by
49	fakeoff.org	fakeoff.org
25	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
24	static.criteo.net	ads.eu.criteo.com
20	images.taboola.com
14	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
13	c.disquscdn.com	disqus.com c.disquscdn.com fakeoff.disqus.com
12	pagead2.googlesyndication.com	fakeoff.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	am-trc-events.taboola.com	cdn.taboola.com
6	www.googleadservices.com	fakeoff.org googleads.g.doubleclick.net
6	cs.mytheresa.com	3 redirects ads.eu.criteo.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	cdn.taboola.com	fakeoff.org cdn.taboola.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	links.services.disqus.com	c.disquscdn.com
4	trc-events.taboola.com	fakeoff.org cdn.taboola.com
4	fonts.googleapis.com	googleads.g.doubleclick.net client
4	referrer.disqus.com	fakeoff.org
3	trc.taboola.com	cdn.taboola.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	mix-phoenix.commander1.com	3 redirects
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	disqus.com	fakeoff.disqus.com c.disquscdn.com
2	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com
2	pr-bh.ybp.yahoo.com	am-match.taboola.com imprammp.taboola.com
2	match.adsrvr.org	am-match.taboola.com imprammp.taboola.com
2	cdn.viglink.com	fakeoff.org
2	www.google.com	1 redirects tpc.googlesyndication.com
2	tempest.services.disqus.com	fakeoff.disqus.com
2	www.google-analytics.com	fakeoff.org www.google-analytics.com
1	ups.analytics.yahoo.com	am-match.taboola.com
1	am-vid-events.taboola.com
1	wf.taboola.com	vidstat.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fakeoff.disqus.com	fakeoff.org
1	s7.addthis.com	fakeoff.org
0	token.rubiconproject.com Failed	eus.rubiconproject.com
270	47

This site contains links to these domains. Also see Links.

Domain
t.me
telegra.ph
twitter.com
www.youtube.com
www.accounting-ukraine.kiev.ua
www.patreon.com
www.pinterest.com

Subject Issuer	Validity	Valid
fakeoff.org R3	`2023-07-05` - `2023-10-03`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-08` - `2024-09-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
viglink.com Amazon RSA 2048 M01	`2023-02-24` - `2023-11-11`	9 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Frame ID: 8FC885634D4ED350E9CB147413EE7601
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: 0E45FFADEC17BA3AD9CBCD9E98BFCB91
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
Frame ID: 0D90A48CDF48502FDBA4C97CA352FE22
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=2462546285&adk=762166867&adf=1017359128&pi=t.ma~as.2462546285&w=890&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=890x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184575&bpp=5&bdt=766&idt=237&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&correlator=3249740934375&frm=20&pv=2&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CuzAqrb4sE&p=https%3A//fakeoff.org&dtd=250
Frame ID: 75581AFEA2AD17BB76F450C9D99F6452
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=3939279480&adk=2730552010&adf=1540473154&pi=t.ma~as.3939279480&w=890&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=890x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184580&bpp=1&bdt=770&idt=251&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=f9t6h05c0u&p=https%3A//fakeoff.org&dtd=255
Frame ID: 2BA36C49525699E4E7FDE01BD1B4E968
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=5416012684&adk=864902465&adf=1223954278&pi=t.ma~as.5416012684&w=1140&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=1140x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184581&bpp=1&bdt=772&idt=256&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cgnu32ju4S&p=https%3A//fakeoff.org&dtd=259
Frame ID: 5C0686F4E19D97355D10E6FE9C2BC3B1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&adk=1812271804&adf=3025194257&lmt=1692518584&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184594&bpp=1&bdt=784&idt=248&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C890x280%2C1140x280&nras=1&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=258
Frame ID: 16AB0BD9DE7A717547AD704E1B4A3003
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Frame ID: 741168FDE124BB487E6F2E931443EA3D
Requests: 28 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Frame ID: 8F43C0EFCA70031F54DFA591D3502FAB
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANkRcJHUUKAAcfkisN0mYFqE1qtIDNXQ&u=%7CVb43q%2Fm5aCYanP2PpvBojoZ2IVqH4AbQYx1KC9XmQhA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860d9s3YOJM0yQbDq5bWmx7EGq3ZQ71SYtVNNnG_Wojlr0v07S8vvsAF-m12lq-_GPIGI52baQWfJlKxKj-ir5HxBdFf_dZHznWDRANsm-V1j8n266NkQnILOOIrtwGGEHIwFmjwUpS2BOTvyJAqlyW_dcddlFF547BtAnYRuKTyBFHV8sNQXgtYNqTAOvCj75yYWgiXr42VoqoX6MDUmOvQbZrdYaac8TUp_gXRT1CWgKddY_ydOJ23OWVv7y5KO58JjbvPY9IJF5TexQYlR2IheYDCAo-pfcuF9hBQZOb_tRxT6ubcURX93gkFv8Rn-EXogsQTE5LCT44wjcTQpxTuZe0iLP-Q6KI55ooMyG1YyVH1rn0g9YiJ754u2OIMsRXSdWSwwYGh-1sJW8qAZ_eXvG3QIcuj2JmLo8V_1Aghd3Rh7ixe1vlB6bSrCYTLnAdDvUKuGjrrqLD-fPZRWkeoUWjKil-KgN4p2LeUMUUJGBOmgYYK0Peg6DXWOWPByLs_oVgIiN_w0qcvavZDKwTMxpl4oE4qzRqYQlpsTKJM9bho2E6Ub-wbbF7WNlk-AXE-m2p39BjzWFI706UYt_PeN7O7ubMakmNZgL14MJpb0j40X4QoimywSX1l-HrZmalFvmu1Vg8cn4hUW8f_-Skg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu6C4yNbhZJeiNoqK9fgPkr-cgA_kj9KxXP_Q2ZGIAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEjAJP0KO0g8BgZkvijiQMqxxkAnW4xA8wFH8RkxSillhuKllm0WI56gTnobey3BWN6NFvu3SZcQpkzupy3Nty7-2GhETHzNp0bmeDlNl8iIPbvEJMPhVbc7Du_CA9kIhVfTQ3JbzTyzzxl9-ab_hDpMK45t0LhJPbzUAeXWLzX_bOcLpvfEeVJ6B5QwVvYMSOqM8C3fV4Kek5uugweX-Wrta1lLLtlCSwxRfUhENf7jetDbogCsW_jM2yfrGjOYKjt5w3baAFsze-nPagunrhKgILaKBb1d_ALTaivnZr81FX7qdOEgvYkMnvADPFN8-9VYsPCUH4xBlNMzSj_qV4krKgMIJ3azqxnHJWEOsZgAax-PifyOyf2VGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_16WnGcUAX36aTYToVeUqV5c-TP2w%26client%3Dca-pub-2093309234994562%26adurl%3D
Frame ID: 63EEAF686D2259C99E8CD0F9CC97D562
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4782448D6FAA189FD5400F3943B06A1C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1E070B753A183373549F28329F2818E8
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: A8AE52316B839776DE581A11BCB4EF72
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHgJHUv-AA7Opmr4HWaSARYOG4-W8Q&u=%7CWDqi2rV9RTKR0NRilrMNg1r88iWL5WwqCDoIML7PW6k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37CClqiCI6alSJnwhd3xN8L2V_SMwzzqwiuv3ggHv8XbtccpI3wFSwpIXWoTjNwCDKXIhxovw8x_nz1AtoEbZsYmc_tnxoyGZiWDNnDgAwK2CrxOpdjeXRwNcmak-rV1S0vYWf83Nv3Zn1eTZDhGWGk_0N20ypbU4wOw11nGZPOXvrY-pFFvbFGSomp5u3m5UrpT2P70-SMGYsGtH-Fxt6zXKPfzMwQO1ozwtznom8oslOA3Yra2az_rXQmpIlZV3abgZum7dYnXxspSHpRwenEzhRGOjs8t_rRcNOp-nFsDUh0IoDAqHp2oLWhVrm4joJ3bR1BozrEBamWTWwCsjqFBNEBk9XPAorIBfZJuOZwIn12n4zssnQmzyoNhi9PAPMaciD8UfD4m7dYhwGEVWobNFTtvS14gZsMQ5S9AH0CuthpspyeFQZ1nHNOCeQU_b2WUvz3xfACkZWIerdQ4doyGRMugxqt4r5-u-ijFFTVm4fjUs5AGfHyTZ9ASW3fWaS2cGesX_GHxgYpBRfpwWBOLFcKi9tI7sieWI50r_IhSQecqmE4serY0KIwP-bFZhbEiYf8Q6lOezbIWSbGdGGIeN_OkyzXZiwgTn3nufki1T0eHQINihRjM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC4JoyNbhZPiIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0ECfRMQLfa54XCo9CdNbkJRz1NlfGxsE1vF8K1liPhfKthUS64g0b-bBbO-xhXNrs76sO48Rd88hN-PTsibr5wEVmv9gnP3DU2FEIX396AESLG60Tl4N3IwNf2bCpqwICTwyTaKBg5r9Vo0tWlw8wt8ngJykepaAHdfn0DgS0UFaLcyelv1vdC9NyZYEw5AgeVsBCOAm4SotwFbGzZ-X0huN_W-QCyw3lkFQR_R-XwYj8B1lhGPDQCXtLqxSCTWIqhNoWTqOZv4ugbjF7iBYRDG9wibdUMXBCZrWlZLIkU97I1c8UeyJzZwUVF-oWlSPM-oH7LzmIVP48Lvj-iTYw6XjyBWABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NokEMTe_-SSpzlRZ2PViee_ZXQw%26client%3Dca-pub-2093309234994562%26adurl%3D
Frame ID: 99A8A80A9BDBEC5BC7CC6EE3EC8548C7
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHkJHUv-AA7OpqQI8dIMJcsphZTYpw&u=%7CWDqi2rV9RTJcEseW55gQ73OB6ltk9708%2Bzz78S2IzA4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37GDgPM9cs2C5t-pCmnfGo9PrP_RFsD6SOXsEjRDoYQtQotOLrotmsCLhQxeGhr1cuSsYJSFvifjjMVwqmRkJ1TkRCrX97scXZgsCry1uJEEUwwj0TMzrpkN5mcDZg0O1JDJZspkbqVVpUTUZ729d9LGZNzXhAGF-Kbb54UVdhbdfhLDdKAQyZL1TDeJKiVd08751O05EqBuEyFTc5qMjiCEU7wBDE_iSwDC0XIzVwmkPsqtZOkONIPlZvrfHXRNKD7XrMAQApZSJLIVqJh3p42QPNUgAG8rs-KVoB1BLiUNqLvJ5j9sVmNe4yBZP2-_UTKWJ6FWz_aG0ssw1R9ly-TOblex6Tmc_fdAkgivIE-r3-ZLgOQ4OF8mTZUgeqQfFi-cY5ETPXvTcEb0vZ0AAVQMbzG85Asg6780xI7IX3-eMmxpoAkG6xCFQRHYhvvMcGbg_UManJOK3LA2QMyGsmWQ869I8i6ltaTfTjkxtDmUkdveI7khMXg7is71VfUbMUP7aP2isYlYfQnobw80WyLvVYNc7O8mhVO1rsOnXuVlEzIX2ywAH47mazaXz3QXipSu4WUVyKTQgnwqguk0qQkiXkKDHaYjpKD12VFvTTDTrZMp0ShuE5S8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkF7MyNbhZPmIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0MhGbYYjqDTYs_P_eJbnyuDK9BdQIjtpMTxRHh-TcUWGzKy_SZCOckqv5jdFLiOQFrXLNslOqQFFhQNM9pbRYlPmJQvsmMD6jE826HYhSmZXSRlIQjD-D9bsMKq3kzmBjBCs7TH0XYh2nX4IuQkf9yceSrPP45jn376bZxHDF1MZTw56d_dKD2S0xpY3BChqEmtD2Zk2kywVULNktNPZHsLR5yF7LscXj6_brU_T-0nDYYwPxwFyKWGnUDI75CXBXdoeY9j1s8_SFPBveTxyEynWbW7XDYIjUM3Uj3VzzrB67mDYcCGIoVDVE_BJ8aVBBpGdCHZWU26_DN5tmj955AllWVuABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TZjfbFO1TF-JY_7RXWoUlXDEVVA%26client%3Dca-pub-2093309234994562%26adurl%3D
Frame ID: C9250FE6873A0DE52BD397A097689652
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: FEC91F3B128E8558390315682789677A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: 4164E0CDD462E1587EE6156594C89E4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 270AB090F81F25C42BAAE57EB55BB708
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: E144180FA537E2313F556736FD38296B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B6E37106893AF37FE5A3FDEAAC33F24
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3FB2FE5A0CA609D9F7A96D8B51B3DBC
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&cmcv=&pix=undefined&cb=1692522191471&uv=3321&tms=1692522191471&abt=nonrv_vA!t45!testmsn_vB!ufm&ru=https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ad1d5558-ecc7-414e-8c60-07be3dbfe8a4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B4E4217E6FE6C49D42B4E9A1C5ED9B28
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0E84F3F4B8F4B2075AD8EE478674A1B8
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: AD90D4FDB8C822A766AB515791838D7C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Крупнейший крипто-проект ОАЭ venom.network – запланированный скам | FAKEOFF

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

270
Requests

97 %
HTTPS

57 %
IPv6

23
Domains

47
Subdomains

38
IPs

6
Countries

3908 kB
Transfer

10666 kB
Size

16
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/vchkogpu/39276
Title: источник

Search URL Search Domain Scan URL

URL: https://telegra.ph/Tadzhiki-v-Rossii-krestitsya-i-na-front-CHto-nuzhno-russkom-miru-ot-novyh-rossiyan-08-18
Title: Голос Ислама

Search URL Search Domain Scan URL

URL: https://twitter.com/fakeofforg

Search URL Search Domain Scan URL

URL: http://t.me/fakeofforg

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@fak30ff

Search URL Search Domain Scan URL

URL: https://www.accounting-ukraine.kiev.ua/buhuslugi.htm

Search URL Search Domain Scan URL

URL: https://www.patreon.com/fakeoff

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/fakeofforg/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY_uuVEhCwCRiwCTIIOlh0sxT1AzA HTTP 301
https://tpc.googlesyndication.com/simgad/14658784301710031259

Request Chain 87

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

Request Chain 140

https://googleads.g.doubleclick.net/pagead/adview?ai=C4XC7yNbhZKmrNa6t9fgPyfq3uA6qzsi9cIWS25ubDK3K_d8FEAEgkf6nCWC7vpaD0AqgAbC6odcDyAEJqQI9mh0vtj2yPqgDAcgDywSqBJQCT9CU6auZVnV6jSOyr3yAShsRpXzd3s4qAn-69yChUcmdDixbrnP1jgH4kA16zPCowmXgWGSfaoohVcukV_578xX7aVZa3_kPZu6sj6hgRFITYVEqpvJP0tXRVH5XZhFGnMZtTcQcnex_pTyD0jl5kHN4w6b4mTIWgLuP0aM7B57HcSS9GtUBGesDogB0MxN4R7i6ZgY1s2tQdaH53IAUWBsB3tDxLWo6lARdnUhgZmPn2m8Lf_0rINb8AhdHANs28C56vkA1_71uIyrSlTa61HYJLMgzGvVuLk5Xdy_pdBATmqw7j2OS_QlsHm7d2AzX3OOGqzCj4IhuUOx1bDpvcMea4eVf8-RgLtvtxCfiLv0vxVzVwATuzo_XmgOSBQQIBBgBkgUECAUYBKAGLoAH5-HQYqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD63wfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk7aHR0cHM6Ly9rYXlhay5jby51ay9zZW1pL2dkbnRleHQvZmxpZ2h0X2dlbmVyYWwvYW55L2VuLmh0bWyACgHICwHYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItMjA5MzMwOTIzNDk5NDU2MhgA&sigh=ea-bJtpyT-8&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWVyzU0sngQDcIpJd7yagwrYEsBr9ElxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214821025503054970980%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226813602306083559633%22}&andc=true

Request Chain 142

https://googleads.g.doubleclick.net/pagead/adview?ai=CtZ51yNbhZJnLNq6t9fgPyfq3uA7Lhq-3covU89TPD4e_pM33ChABIJH-pwlgu76Wg9AKoAGdkJPQA8gBCagDAcgDywSqBJQCT9Avv4Iq0DluCr1NKXZGDSe0Ut6YCHNozZnMjCaz2OBrqY2kmzz-XaHOpL1MXBN3IFCyvpxBL_wlp9DbFhwDDg0WX7dUQQyU2aaVpdR0wX6ZPN5XqGYXjJ46Ng9kGJgNjGY2dXPvNOpFGy8dUlnsewowTUaZQTZ5MieZHIgGecC8iEZLQZNkHfzFdVFDMG4L6UwtjPTZMG23xQ_3XxBHs2I0y2S-3BqjWoG-9hhkCNtf2NUs7rhHKshbKVCiWCdMmssQuvgqWGbcmOPINgJfafLIhPQCPmZSO8mypTVAptiHKSFlIy0I98p-PTNLRwUYr-nJVZWdiLuBbF114GMPQjdLDcLb0YAfp_Hm6Hi7DUDj_URPwAT08OKcsAGSBQQIBBgBkgUECAUYBKAGLoAHy-_sL6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOC9B9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCS1odHRwczovL3VrLnRyZXguY29tL3doeS10cmV4L2luZHVzdHJ5LWxlYWRlci-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMjA5MzMwOTIzNDk5NDU2MhgA&sigh=YsRftpQqiTw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWctSdqtytFcgPZDcVBtLd1LSBcTUNYxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211217539676454291098%22,%22debug_reporting%22:true,%22destination%22:%22https://trex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973391901%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22878046684637354417%22}&andc=true

Request Chain 150

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

Request Chain 151

https://googleads.g.doubleclick.net/pagead/adview?ai=CfoZYyNbhZPeIN_6X9fgPpp270Aimud-1ctPlve_BEf_1kOPXAhABIJH-pwlgu76Wg9AKoAHTsfnIA8gBAakCm6q-rTRdtT6oAwHIA8sEqgSUAk_Q1ZHIOLrpBn20tS15nikvI7VBFV_Bq-Ffo0GU9svDISI7GF_BVYf08zMvrCUKWXC5QYahkeyskPZpx2mr8k3c39GIVCZifxnD74BRZ7aEtgLj3Po0Cq9-EJlcp2kaxypIpdsUhRuAPBBQo03olv4CIghxYVZ8QB40HE9m0E84eOUuvRnXL_rRQGY1obw3LBhPfVebnnkJlSJMhiZAMMraNuY-QG5BEYofRblEUPlIxIYdFwBSYvSyqDnZXtQ5OgiF7G4-3wn3G5cRMlQp1gk7GHH5dZZNWQRgJvCejEQjWdymmvdQymE1KfUZ3o0aMgPL6DM9azGI2ltKuCzn1bn8IDCjM_WNWy-ymlvxnKdoAH6eKMAEkfev56oEkgUECAQYAZIFBAgFGASAB4H3uimoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDV3gbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgmHAmh0dHBzOi8vcnMtdGhpbmtodWIuY29tL2NhdGVnb3J5L3Rlc3QtbWVhc3VyZW1lbnQ_Y21fbW1jPVVLLURJUy1fLVRITktIQi1fLUp1bHktMjMtXy1UaGluay1IdWItVCZNJmNtX21tYz1VSy1HRE4tRFMzQS1fLWdvb2dsZS1fLVJTX1RIVUItVCUyNk1fVUtfR0ROX0FXUl8wNjIzX0dCUF9QTzQ3MDAxOTYzNTktXy1Jbk1hcmtldC1fLSZtYXRjaHR5cGU9JiZzX2t3Y2lkPUFMITc0NTchMyE2NjUzMzExNzMyMzchIWZha2VvZmYub3JnIWQhISZnY2xzcmM9YXcuZHMmgAoByAsB2BMKiBQF0BUBgBcBshccChoIABIUcHViLTIwOTMzMDkyMzQ5OTQ1NjIYAA&sigh=0rxA1oYUxaE&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWwrzX8GJDn2Jq4IwkLshSfM5Bq1lpEBgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222577753308604162377%22,%22debug_reporting%22:true,%22destination%22:%22https://rs-thinkhub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22958290131%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221962633711629708993%22}&andc=true

Request Chain 159

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

Request Chain 175

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

270 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam Show response
fakeoff.org/technology/ 20 KB
6 KB 313ms
43ms Document
text/html 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 820115ce30deeccaff8662b29c43cfc2cbf1c4a36ec038d5f88ef6604fdd5b29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Aug 2023 09:03:03 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK widget.css
fakeoff.org/assets/plugins.widget/css/ 62 B
386 B 43ms
42ms Stylesheet
text/css 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.widget/css/widget.css?v=439597491a7e684f9b1261c48da46e40
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 817d70bddb8df7ff77c6b3a993d05a0cbd9a2054bf8f3bdc9a809c51de5e7f32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 11:54:12 GMT
Server: nginx
ETag: W/"5ba38a64-3e"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK font-awesome.css
fakeoff.org/assets/plugins.font_awesome/v4/css/ 30 KB
8 KB 101ms
57ms Stylesheet
text/css 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.font_awesome/v4/css/font-awesome.css?v=31dcd02d8fc712bc1d3bbc2edd6e0b40
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 882146362bbda5e9239e3f72f1f25287ab01bf65ff9f0f66ef21cb6b39612be1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:19:56 GMT
Server: nginx
ETag: W/"5b5db0ec-78b7"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK bootstrap.css
fakeoff.org/assets/plugins.twitter_bootstrap/v3/css/ 114 KB
25 KB 184ms
98ms Stylesheet
text/css 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.twitter_bootstrap/v3/css/bootstrap.css?v=307c64c6d5ba9664dcc6877e166c04d9
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: e539166703acdb986b1bdd604d99375cf8c97bc778ca15ad20570ae29fcf9b4b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:20 GMT
Server: nginx
ETag: W/"5b5db104-1c865"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK add-ons.css
fakeoff.org/assets/plugins.twitter_bootstrap/v3/css/ 3 KB
980 B 192ms
106ms Stylesheet
text/css 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.twitter_bootstrap/v3/css/add-ons.css?v=307c64c6d5ba9664dcc6877e166c04d9
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: fb24099c13f8994e4214f45b7230ff4a4a595bfe703020170532b4501487823b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:20 GMT
Server: nginx
ETag: W/"5b5db104-b64"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK common.css
fakeoff.org/assets/themes.three/css/ 8 KB
2 KB 244ms
157ms Stylesheet
text/css 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/themes.three/css/common.css?v=296a0f012b43723f15d583f2835a13f3
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: a8250e9f40446d653c0d50f7735c067368a41df1bd5437423e0866f817f80e73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:39 GMT
Server: nginx
ETag: W/"5b5db117-1e14"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK content-entity.css
fakeoff.org/assets/themes.three/css/ 5 KB
2 KB 290ms
200ms Stylesheet
text/css 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/themes.three/css/content-entity.css?v=296a0f012b43723f15d583f2835a13f3
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: ed043c84e85828ce57668f1e6685168c5181288e34082786d5bf7cafaffc35f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:39 GMT
Server: nginx
ETag: W/"5b5db117-1236"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK require.js Show response
fakeoff.org/assets/plugins.assetman/ 17 KB
7 KB 341ms
249ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: dfcc7a84697ce28da8c0854bcc5974aea3e80c739550d98a14624dfdaeb713d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sat, 08 Sep 2018 02:25:47 GMT
Server: nginx
ETag: W/"5b93332b-4472"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK require-config.js Show response
fakeoff.org/assets/plugins.assetman/ 8 KB
2 KB 393ms
292ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.assetman/require-config.js?v=d5a78f78417c45893271df4f0da06f7d
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 3a540aaa26f49679d410f41f2d112b75102f5ee13897b0bc8d0ebc74398776bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Sep 2018 15:18:02 GMT
Server: nginx
ETag: W/"5ba50baa-1e47"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK logo-top-xs.png
fakeoff.org/assets/themes.three/img/ 4 KB
4 KB 298ms
297ms Image
image/png 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/assets/themes.three/img/logo-top-xs.png?v=296a0f012b43723f15d583f2835a13f3
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 74bbf74bc017075421e014c16268c77fb1a53faa5eed32261440ac2710fadbc6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:39 GMT
Server: nginx
ETag: W/"5b5db117-1016"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK logo-top.png
fakeoff.org/assets/themes.three/img/ 2 KB
3 KB 428ms
301ms Image
image/png 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/assets/themes.three/img/logo-top.png?v=296a0f012b43723f15d583f2835a13f3
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 6cd28d5735fb2a21f63082d3a4da74b9997b7d797993c88d3d435f33d43572a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:39 GMT
Server: nginx
ETag: W/"5b5db117-974"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 5e84d2de4351cd632c248dfa.png
fakeoff.org/image/resize/100/100/5e/84/ 2 KB
2 KB 378ms
300ms Image
image/png 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/100/100/5e/84/5e84d2de4351cd632c248dfa.png
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: b4e02c4b3382f922e0bb35c97423d7009f3ae4643caa83817d2d3ab505a4721f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jul 2023 03:18:56 GMT
Server: nginx
ETag: W/"64bb4aa0-6a8"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK init-widgets.js Show response
fakeoff.org/assets/plugins.widget/js/ 84 B
433 B 98ms
98ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.widget/js/init-widgets.js?v=439597491a7e684f9b1261c48da46e40
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 49e7f86457be2fc1e41241bdb32270d4520e432ec608bca8ce6d1490b3429669

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 11:54:12 GMT
Server: nginx
ETag: W/"5ba38a64-54"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK pytsite-form.js Show response
fakeoff.org/assets/plugins.form/js/ 305 B
561 B 98ms
98ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.form/js/pytsite-form.js?v=c89bb285c888215b03d6efe995327ee2
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: e67a5b0c55f16ed1f176e45796b8cb57f8722c6ddea5384af39595590479c207

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 11:54:16 GMT
Server: nginx
ETag: W/"5ba38a68-131"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK theming.js Show response
fakeoff.org/assets/plugins.theming/js/ 126 B
466 B 148ms
147ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.theming/js/theming.js?v=ed48418bddf17d640e6775202a4be78a
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 357106abbbd067ad802d3d332d5ff5d711bd613a75362f8fe879288600ae433b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 10:24:51 GMT
Server: nginx
ETag: W/"5b7e8b73-7e"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK content.js Show response
fakeoff.org/assets/plugins.content/js/ 426 B
606 B 197ms
196ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.content/js/content.js?v=03c707fa6f89bfb3d20eb71e2fda64e5
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: cad9c55ca2dab97dc874e71a94132e38d392c030fcfa61f2eb2f3e5fbcbb21ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Sep 2018 15:51:50 GMT
Server: nginx
ETag: W/"5ba51396-1aa"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 247ms
69ms Script
text/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 09:03:04 GMT
server: Oracle API Gateway
opc-request-id: /35A0E2E1E524E243546A2AD9F5C048B7/5F6412BF4D9B9411EF5DBF89EAF43099
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK index.js Show response
fakeoff.org/assets/themes.three/js/ 2 KB
1 KB 247ms
246ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/themes.three/js/index.js?v=296a0f012b43723f15d583f2835a13f3
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 09bb641782bf84ccdb33a4ef092f25747cb29ea3035264ef235c8ffa2500c04e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:39 GMT
Server: nginx
ETag: W/"5b5db117-66c"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 261ms
148ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8faeed1b003d0c5cdf9f819240377c584e61616c052003299662734fc2bc30a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51132
x-xss-protection: 0
server: cafe
etag: 11678510519526226511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:04 GMT

GET
H/1.1 200
OK embed.js Show response
fakeoff.disqus.com/ 78 KB
25 KB 319ms
181ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fakeoff.disqus.com/embed.js

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

3bbf56fde0bc61dfa37b427b684372a828230584f870813ea13e814708793b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25457

GET
H/1.1 200
OK fontawesome-webfont.woff2
fakeoff.org/assets/plugins.font_awesome/v4/fonts/ 75 KB
76 KB 386ms
344ms Font
application/octet-stream 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.font_awesome/v4/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.font_awesome/v4/css/font-awesome.css?v=31dcd02d8fc712bc1d3bbc2edd6e0b40
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://fakeoff.org/assets/plugins.font_awesome/v4/css/font-awesome.css?v=31dcd02d8fc712bc1d3bbc2edd6e0b40
Origin: https://fakeoff.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:19:56 GMT
Server: nginx
ETag: W/"5b5db0ec-12d68"
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Connection: keep-alive

GET
H/1.1 200
OK jquery.js Show response
fakeoff.org/assets/plugins.jquery/ 83 KB
34 KB 345ms
345ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.jquery/jquery.js?v=02a26740e3989d4f8e9d892860fcf1f1
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: d1810776dec42d580c5473f9eb3022271dc873fe12ea5569ebde3483bbe155e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:00 GMT
Server: nginx
ETag: W/"5b5db0f0-14c0e"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK widget.js Show response
fakeoff.org/assets/plugins.widget/js/ 4 KB
2 KB 304ms
304ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.widget/js/widget.js?v=439597491a7e684f9b1261c48da46e40
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: c827141468086ed4b19cf8db10bf34505883f26c13d382e2d02549385ed4bd8b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 11:54:13 GMT
Server: nginx
ETag: W/"5ba38a65-e90"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK pytsite-form-module.js Show response
fakeoff.org/assets/plugins.form/js/ 8 KB
3 KB 301ms
301ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.form/js/pytsite-form-module.js?v=c89bb285c888215b03d6efe995327ee2
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 379c1f39e588b387daeb39fb44639aff04eb175e54956a572bb7b7d11d8b2a75

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 11:54:16 GMT
Server: nginx
ETag: W/"5ba38a68-1ec3"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK assetman.js Show response
fakeoff.org/assets/plugins.assetman/ 3 KB
2 KB 250ms
250ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.assetman/assetman.js?v=d5a78f78417c45893271df4f0da06f7d
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 87757e85a5722c6e5f54cde47cae0713053c1405219e9c80832d8bba2e91a357

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sat, 08 Sep 2018 02:25:46 GMT
Server: nginx
ETag: W/"5b93332a-a9d"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK http-api.js Show response
fakeoff.org/assets/plugins.http_api/ 677 B
725 B 265ms
264ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.http_api/http-api.js?v=706ea0d5c078ea7e84bfbac1b93007f4
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 61b1ad40dd51ac1ac88c81a05b61379e32ea5acded9a1f0ab8ad022ec02648f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Sep 2018 15:18:02 GMT
Server: nginx
ETag: W/"5ba50baa-2a5"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK responsive.js Show response
fakeoff.org/assets/plugins.responsive/ 1 KB
1020 B 301ms
301ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.responsive/responsive.js?v=bf4284db0e35f14ccfdba848fe10f01f
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 55a8894c845a5eefb404c9a0cf652f94d41e64fbee0f8788306e49de5d5c16cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:42 GMT
Server: nginx
ETag: W/"5b5db11a-577"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 175ms
54ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 07:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 20 Aug 2023 09:49:43 GMT

GET
H/1.1 200
OK cookie.js Show response
fakeoff.org/assets/plugins.js_cookie/ 2 KB
1 KB 253ms
253ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.js_cookie/cookie.js?v=3eae6ab43b168acafae82726121e0161
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 96b7c1b36ae52b0d2039517d6c023bde44d98c1b2d0b59584b0048b0eff6ed85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:46 GMT
Server: nginx
ETag: W/"5b5db11e-68f"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK jquery-gotop.js Show response
fakeoff.org/assets/plugins.jquery_gotop/ 968 B
898 B 319ms
319ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.jquery_gotop/jquery-gotop.js?v=62f5a0dabdf2cb47089f41cc610aad9d
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 10d607e4338e832a6e578de0acf1cdc78b4b3fe20a9e8076a1c770f8c7eb995d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:44 GMT
Server: nginx
ETag: W/"5b5db11c-3c8"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/ 393 KB
132 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2093309234994562&plah=fakeoff.org&bust=31077198

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dde09bc6e291c24014135803bb635d6c72f9c18e5ccf6a0d71a874a2daff76c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134781
x-xss-protection: 0
server: cafe
etag: 936046136566557992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 0E45 10 KB
5 KB 165ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 8929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 06:34:15 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 06:34:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 0D90 7 KB
4 KB 283ms
170ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default

Requested by

Host: fakeoff.disqus.com
URL: https://fakeoff.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2539cc579a002b56de22ee5f2df5b12b06179e0da41e70ddb0820226da80ca70

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3053
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 20 Aug 2023 09:03:04 GMT
ETag: W/"lounge:view:9745396536.7e74f0a5b40d0e475efd6cb47ae116fd.2"
Last-Modified: Thu, 22 Jun 2023 16:39:37 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 29 KB
10 KB 303ms
175ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=fakeoff&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&typeface=sans-serif&disqus_version=current
Requested by: Host: fakeoff.disqus.com
URL: https://fakeoff.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: e0417462ea1114f192bbcdfcc54f2c6520f4f2d632140fb1d2a7114e742e1c2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9858

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 29 KB
10 KB 310ms
183ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=fakeoff&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&typeface=sans-serif&disqus_version=current
Requested by: Host: fakeoff.disqus.com
URL: https://fakeoff.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: a5952bc1b016c6fbd9584e8a338200e0d90a77c1867a29b57259eb189a23333e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9861

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 262ms
147ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=29pcvgr38faa08&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=fakeoff&zone=thread&version=cd63a892ad6cfe24a51d9c0f999a4afa&page_url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive&section=default&verb=call&adjective=1&forum_id=3456147

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 256ms
141ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=29pcvgr38faa08&experiment=prebidbidisrequired&variant=active&service=dynamic&area=bottom&product=embed&forum=fakeoff&zone=thread&version=cd63a892ad6cfe24a51d9c0f999a4afa&page_url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive&section=default&verb=call&adjective=1&forum_id=3456147

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
219 B 62ms
62ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=89771677&t=pageview&_s=1&dl=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ul=en-us&de=UTF-8&dt=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC%20%7C%20FAKEOFF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1323087773&gjid=186282369&cid=1290481572.1692522185&tid=UA-58233845-1&_gid=120456035.1692522185&_r=1&_slc=1&z=1473088623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2014f070d3d6ef2ad40b72275cf98727b040061d6191fbeaaeb7798d84fd4801

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:03:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fakeoff.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bootstrap.js Show response
fakeoff.org/assets/plugins.twitter_bootstrap/v3/js/ 36 KB
12 KB 302ms
302ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.twitter_bootstrap/v3/js/bootstrap.js?v=307c64c6d5ba9664dcc6877e166c04d9
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 768d156b1c28b94a6179150e7465261c78e333722c4564fd419df6de364c3a2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:21 GMT
Server: nginx
ETag: W/"5b5db105-8fe3"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 162ms
54ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-58233845-1&cid=1290481572.1692522185&jid=1323087773&gjid=186282369&_gid=120456035.1692522185&_u=IEBAAEAAAAAAACAAI~&z=333729964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 20 Aug 2023 09:03:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fakeoff.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 186ms
74ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74NFLJBQ6S&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6e44887abfd62136f8138608b16ce6d7e5799fd57545922565f40c319fbb14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80374
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 20 Aug 2023 09:03:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 171ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fakeoff.org&callback=_gfp_s_&client=ca-pub-2093309234994562

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2093309234994562&plah=fakeoff.org&bust=31077198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1ced88aee6543ae3e8cd5d651d2aeb51aac67f0f5b7d296daa7efcf36754c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7558 129 KB
39 KB 443ms
442ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=2462546285&adk=762166867&adf=1017359128&pi=t.ma~as.2462546285&w=890&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=890x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184575&bpp=5&bdt=766&idt=237&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&correlator=3249740934375&frm=20&pv=2&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CuzAqrb4sE&p=https%3A//fakeoff.org&dtd=250

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332f1e0cb7c994860bdb33139733134ebc3a799d880347bc3df13f9dfdb1afad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39722
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:05 GMT
expires: Sun, 20 Aug 2023 09:03:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BA3 121 KB
40 KB 390ms
389ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=3939279480&adk=2730552010&adf=1540473154&pi=t.ma~as.3939279480&w=890&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=890x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184580&bpp=1&bdt=770&idt=251&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=f9t6h05c0u&p=https%3A//fakeoff.org&dtd=255

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da97307d3fb6e77054701a1aca9808f11a63c5e91796ebb5d7cb0ecfb3b18071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40655
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:05 GMT
expires: Sun, 20 Aug 2023 09:03:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C06 34 KB
14 KB 239ms
239ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=5416012684&adk=864902465&adf=1223954278&pi=t.ma~as.5416012684&w=1140&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=1140x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184581&bpp=1&bdt=772&idt=256&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cgnu32ju4S&p=https%3A//fakeoff.org&dtd=259

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89bb5890cbbb6f146af883d6214b3e90b0083b1da71eee079ff5bf7887b6c553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14158
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:05 GMT
expires: Sun, 20 Aug 2023 09:03:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK jquery.scrollTo.js Show response
fakeoff.org/assets/plugins.jquery_scrollto/ 2 KB
2 KB 298ms
298ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.jquery_scrollto/jquery.scrollTo.js?v=8dbac4f616a971ee6f01ff495f90dc82
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 0de3af892e27f6be3549ed0afccbcc37b3fbba0a84f7f5227de945cf7b6fbe6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Jul 2018 12:20:02 GMT
Server: nginx
ETag: W/"5b5db0f2-8dd"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16AB 253 KB
53 KB 459ms
459ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&adk=1812271804&adf=3025194257&lmt=1692518584&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184594&bpp=1&bdt=784&idt=248&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C890x280%2C1140x280&nras=1&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99499cfa9f402951490ac306dbb7e3a8bfda458864cea88e3ba6a7d28257017c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54196
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:05 GMT
expires: Sun, 20 Aug 2023 09:03:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK build-timestamps.js Show response
fakeoff.org/assets/plugins.assetman/ 2 KB
1 KB 297ms
297ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.assetman/build-timestamps.js?v=d5a78f78417c45893271df4f0da06f7d
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: ecf22181714d1e0606c99a078d696f5dc1e83c2c0229198c03fc7a28326f0c4c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Sep 2018 15:51:50 GMT
Server: nginx
ETag: W/"5ba51396-8e0"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK package-aliases.js Show response
fakeoff.org/assets/plugins.assetman/ 1 KB
788 B 297ms
297ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.assetman/package-aliases.js?v=d5a78f78417c45893271df4f0da06f7d
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: ed616cc61720ccb3502f66e440842f7d570aee2aefb43181d060768fb775a3f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Sep 2018 15:51:50 GMT
Server: nginx
ETag: W/"5ba51396-5bf"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK libraries.js Show response
fakeoff.org/assets/plugins.assetman/ 380 B
506 B 301ms
301ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.assetman/libraries.js?v=d5a78f78417c45893271df4f0da06f7d
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: b1a323f7710dd82c6958dbaa1a56fbeb28cb171ca8eb7a6838e2fc215e8d6cd8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Sep 2018 15:51:50 GMT
Server: nginx
ETag: W/"5ba51396-17c"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 lounge.load.cd63a892ad6cfe24a51d9c0f999a4afa.js Show response
c.disquscdn.com/next/embed/ Frame 0D90 1 KB
1 KB 262ms
55ms Script
application/javascript 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.cd63a892ad6cfe24a51d9c0f999a4afa.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

28a1e388fda894bf20c11c9f44e0c27ac6a848200af3d340724a582317717ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 02 Aug 2023 23:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1503530
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 624
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 02 Aug 2023 23:18:56 GMT
server: nginx
etag: "64cae460-270"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: _8p9ezbTtv4eU_7SnkdMr0N2q6EN4_gB1j6vgH2rAt7oT572zCw6Gg==
expires: Thu, 01 Aug 2024 23:24:15 GMT

GET
H/1.1 200
OK 6494729f4351cd76ab875b2b.jpeg
fakeoff.org/image/resize/1150/700/64/94/ 34 KB
31 KB 314ms
313ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/1150/700/64/94/6494729f4351cd76ab875b2b.jpeg
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 858bde92d1d321a683f55bb4afcfafc79d35e7c86511dbf63e12f8c1ce2bda73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jul 2023 17:38:05 GMT
Server: nginx
ETag: W/"64bc13fd-8922"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 649472714351cd76ab875b2a.jpeg
fakeoff.org/image/resize/900/0/64/94/ 56 KB
47 KB 340ms
339ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/900/0/64/94/649472714351cd76ab875b2a.jpeg
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: b6fc48860542f440751fe88bb71b5a664493133bcddfef8b80bd9d636c63a16d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jul 2023 17:38:04 GMT
Server: nginx
ETag: W/"64bc13fc-de0c"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 649472714351cd76ab875b29.jpeg
fakeoff.org/image/resize/900/0/64/94/ 78 KB
72 KB 341ms
341ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/900/0/64/94/649472714351cd76ab875b29.jpeg
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 6dac4b41bbdb43718bf764a44bf24c3fbffbab323eafc6ad404e9202d1f73a9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 07:41:48 GMT
Server: nginx
ETag: W/"64d8893c-139b2"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame 7411 589 KB
167 KB 229ms
52ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9a24eacaaf00cc24586ad48b2f080191933cd4d48909f4eb146a79848319cd0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: wQR8ckM0Pn7.ARo52R5yx0TIl.JrUALK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 20 Aug 2023 09:03:05 GMT
x-amz-request-id: PPZRQCKHP4YRFD8A
age: 61
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 170056
x-amz-id-2: h6KVf5vz/jXB2C8fk4Uti00IpW+GVPMd9pLyYVjGSDGHfkaigNxhM72e3XbrARaSmO5z6itWnyU=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Thu, 17 Aug 2023 14:46:44 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692522185.184145,VS0,VE0
etag: "929c4ba7801dabd04861e627067ec832"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame 8F43 589 KB
165 KB 265ms
103ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 468cafe24cf8903ea148d52effcdcabfaabf59d5cb60cbc0da3b48963714e885

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: wQR8ckM0Pn7.ARo52R5yx0TIl.JrUALK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 20 Aug 2023 09:03:05 GMT
x-amz-request-id: W5RHHC9Z8KW3KT8X
age: 745
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 10
x-amz-replication-status: FAILED
content-length: 168061
x-amz-id-2: uMevVG8YSTYCzQ5Q0eiyUAmN8RvHZSXIEAfyv66ORwpDs4KFr/V1TI07s89bLCAsLeLcx1Ea5Kw=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Sun, 20 Aug 2023 08:50:40 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692522185.184414,VS0,VE2
etag: "f60b0d73927a2ffea64080080f785a22d1186cf6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 27
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 5C06 3 KB
1 KB 181ms
61ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=5416012684&adk=864902465&adf=1223954278&pi=t.ma~as.5416012684&w=1140&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=1140x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184581&bpp=1&bdt=772&idt=256&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cgnu32ju4S&p=https%3A//fakeoff.org&dtd=259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 17:43:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 5C06 20 KB
8 KB 173ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C06 180 KB
57 KB 182ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 63EE 184 KB
57 KB 247ms
112ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANkRcJHUUKAAcfkisN0mYFqE1qtIDNXQ&u=%7CVb43q%2Fm5aCYanP2PpvBojoZ2IVqH4AbQYx1KC9XmQhA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860d9s3YOJM0yQbDq5bWmx7EGq3ZQ71SYtVNNnG_Wojlr0v07S8vvsAF-m12lq-_GPIGI52baQWfJlKxKj-ir5HxBdFf_dZHznWDRANsm-V1j8n266NkQnILOOIrtwGGEHIwFmjwUpS2BOTvyJAqlyW_dcddlFF547BtAnYRuKTyBFHV8sNQXgtYNqTAOvCj75yYWgiXr42VoqoX6MDUmOvQbZrdYaac8TUp_gXRT1CWgKddY_ydOJ23OWVv7y5KO58JjbvPY9IJF5TexQYlR2IheYDCAo-pfcuF9hBQZOb_tRxT6ubcURX93gkFv8Rn-EXogsQTE5LCT44wjcTQpxTuZe0iLP-Q6KI55ooMyG1YyVH1rn0g9YiJ754u2OIMsRXSdWSwwYGh-1sJW8qAZ_eXvG3QIcuj2JmLo8V_1Aghd3Rh7ixe1vlB6bSrCYTLnAdDvUKuGjrrqLD-fPZRWkeoUWjKil-KgN4p2LeUMUUJGBOmgYYK0Peg6DXWOWPByLs_oVgIiN_w0qcvavZDKwTMxpl4oE4qzRqYQlpsTKJM9bho2E6Ub-wbbF7WNlk-AXE-m2p39BjzWFI706UYt_PeN7O7ubMakmNZgL14MJpb0j40X4QoimywSX1l-HrZmalFvmu1Vg8cn4hUW8f_-Skg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu6C4yNbhZJeiNoqK9fgPkr-cgA_kj9KxXP_Q2ZGIAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEjAJP0KO0g8BgZkvijiQMqxxkAnW4xA8wFH8RkxSillhuKllm0WI56gTnobey3BWN6NFvu3SZcQpkzupy3Nty7-2GhETHzNp0bmeDlNl8iIPbvEJMPhVbc7Du_CA9kIhVfTQ3JbzTyzzxl9-ab_hDpMK45t0LhJPbzUAeXWLzX_bOcLpvfEeVJ6B5QwVvYMSOqM8C3fV4Kek5uugweX-Wrta1lLLtlCSwxRfUhENf7jetDbogCsW_jM2yfrGjOYKjt5w3baAFsze-nPagunrhKgILaKBb1d_ALTaivnZr81FX7qdOEgvYkMnvADPFN8-9VYsPCUH4xBlNMzSj_qV4krKgMIJ3azqxnHJWEOsZgAax-PifyOyf2VGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_16WnGcUAX36aTYToVeUqV5c-TP2w%26client%3Dca-pub-2093309234994562%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9fe06903fdbfb9402413fd79cb5b520b3d172c9d4507aa3b8b5184935f238507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oXO5i9JqmzHu_TBW7BQOUAslvnCV7oFPAx4PJlw123JCrVUfmB-KGrW3UjHbn-seQST0I7EQIlZDyBQkOw77gYBxKsNzkYcbDiIpo1ttRb7zzVg4vjCVzIShx04hauN9_ijPetZj_s__emS5yCVVwhyjCAbI1Y8hk96U9dEqPtYyzjZ8ghfaMlUpQ6u0LnR2a3Q5wkZSJGksTjKGRi24gp3s44cHHZE3_7r7ZA7ke7Lnl12gq5wSgJIzpSZVPYCtMOUFtQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55641200
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 181ms
62ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-74NFLJBQ6S&gtm=45je38g0&_p=89771677&ul=en-us&sr=1600x1200&cid=1290481572.1692522185&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&dt=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC%20%7C%20FAKEOFF&sid=1692522185&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74NFLJBQ6S&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:03:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fakeoff.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.bundle.bd025bf3007ff95742135c35c9b5ea9f.js Show response
c.disquscdn.com/next/embed/ Frame 0D90 280 KB
93 KB 176ms
64ms Script
application/javascript 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.bd025bf3007ff95742135c35c9b5ea9f.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.cd63a892ad6cfe24a51d9c0f999a4afa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b3d54daf6356a09e4bd428958907e7df82a65c89245970aabb540678a5cd7ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 02 Aug 2023 23:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1503530
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94132
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 02 Aug 2023 23:18:56 GMT
server: nginx
etag: "64cae460-16fb4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 5U6oIwLEW1dQPEZRZVVxwPOTCOZFOVX9oeyM9rGI6Aul1EidEyM1NA==
expires: Thu, 01 Aug 2024 23:24:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2BA3 14 KB
2 KB 184ms
65ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=3939279480&adk=2730552010&adf=1540473154&pi=t.ma~as.3939279480&w=890&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=890x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184580&bpp=1&bdt=770&idt=251&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=f9t6h05c0u&p=https%3A//fakeoff.org&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 08:08:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2BA3 2 KB
973 B 56ms
55ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7558 4 KB
728 B 88ms
65ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=2462546285&adk=762166867&adf=1017359128&pi=t.ma~as.2462546285&w=890&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=890x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184575&bpp=5&bdt=766&idt=237&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&correlator=3249740934375&frm=20&pv=2&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CuzAqrb4sE&p=https%3A//fakeoff.org&dtd=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 08:08:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 7558 2 KB
926 B 65ms
64ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 7558 23 KB
9 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 7558 3 KB
1 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 17:43:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 7558 20 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7558 180 KB
56 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 7558 35 KB
15 KB 173ms
65ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15117183273783860067/ Frame 2BA3 49 KB
49 KB 65ms
65ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15117183273783860067/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe1563928bcb5f4908d38e4f5a677636cce070e0a6b304e35748c816beb5830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 11:30:37 GMT
x-content-type-options: nosniff
age: 423148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49844
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 13:52:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 11:30:37 GMT

GET
DATA 200
OK truncated
/ Frame 2BA3 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2BA3 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dedd519dc51df12b16a8ab8f955e77614b068d9c216cc1dc8468c17186e1d7a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5C06 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60fe1dd3ae260e63f97bbad7ac710336f40ae974ec7bc53d65736b502253ebe7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 2BA3 23 KB
9 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2BA3 3 KB
1 KB 132ms
132ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 17:43:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2BA3 20 KB
8 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2BA3 2 KB
926 B 133ms
133ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BA3 180 KB
56 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 2BA3 35 KB
15 KB 164ms
52ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
DATA 200
OK truncated
/ Frame 7558 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

14658784301710031259
tpc.googlesyndication.com/simgad/ Frame 7558
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY_uuVEhCwCRiwCTIIOlh0sxT1AzA
https://tpc.googlesyndication.com/simgad/14658784301710031259

21 KB
21 KB

53ms
52ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14658784301710031259

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

110962f5777d422e4b79571633dd4798a7c32701fd5f85e0111ec25636b3ec60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:53:30 GMT
x-content-type-options: nosniff
age: 97775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21571
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 09:14:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 05:53:30 GMT

Redirect headers

date: Sat, 19 Aug 2023 22:08:21 GMT
x-content-type-options: nosniff
server: cafe
age: 39284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14658784301710031259
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Sep 2023 22:08:21 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 63EE 2 KB
1 KB 180ms
58ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANkRcJHUUKAAcfkisN0mYFqE1qtIDNXQ&u=%7CVb43q%2Fm5aCYanP2PpvBojoZ2IVqH4AbQYx1KC9XmQhA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860d9s3YOJM0yQbDq5bWmx7EGq3ZQ71SYtVNNnG_Wojlr0v07S8vvsAF-m12lq-_GPIGI52baQWfJlKxKj-ir5HxBdFf_dZHznWDRANsm-V1j8n266NkQnILOOIrtwGGEHIwFmjwUpS2BOTvyJAqlyW_dcddlFF547BtAnYRuKTyBFHV8sNQXgtYNqTAOvCj75yYWgiXr42VoqoX6MDUmOvQbZrdYaac8TUp_gXRT1CWgKddY_ydOJ23OWVv7y5KO58JjbvPY9IJF5TexQYlR2IheYDCAo-pfcuF9hBQZOb_tRxT6ubcURX93gkFv8Rn-EXogsQTE5LCT44wjcTQpxTuZe0iLP-Q6KI55ooMyG1YyVH1rn0g9YiJ754u2OIMsRXSdWSwwYGh-1sJW8qAZ_eXvG3QIcuj2JmLo8V_1Aghd3Rh7ixe1vlB6bSrCYTLnAdDvUKuGjrrqLD-fPZRWkeoUWjKil-KgN4p2LeUMUUJGBOmgYYK0Peg6DXWOWPByLs_oVgIiN_w0qcvavZDKwTMxpl4oE4qzRqYQlpsTKJM9bho2E6Ub-wbbF7WNlk-AXE-m2p39BjzWFI706UYt_PeN7O7ubMakmNZgL14MJpb0j40X4QoimywSX1l-HrZmalFvmu1Vg8cn4hUW8f_-Skg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu6C4yNbhZJeiNoqK9fgPkr-cgA_kj9KxXP_Q2ZGIAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEjAJP0KO0g8BgZkvijiQMqxxkAnW4xA8wFH8RkxSillhuKllm0WI56gTnobey3BWN6NFvu3SZcQpkzupy3Nty7-2GhETHzNp0bmeDlNl8iIPbvEJMPhVbc7Du_CA9kIhVfTQ3JbzTyzzxl9-ab_hDpMK45t0LhJPbzUAeXWLzX_bOcLpvfEeVJ6B5QwVvYMSOqM8C3fV4Kek5uugweX-Wrta1lLLtlCSwxRfUhENf7jetDbogCsW_jM2yfrGjOYKjt5w3baAFsze-nPagunrhKgILaKBb1d_ALTaivnZr81FX7qdOEgvYkMnvADPFN8-9VYsPCUH4xBlNMzSj_qV4krKgMIJ3azqxnHJWEOsZgAax-PifyOyf2VGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_16WnGcUAX36aTYToVeUqV5c-TP2w%26client%3Dca-pub-2093309234994562%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 63EE 2 KB
1 KB 182ms
59ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 63EE 308 B
636 B 124ms
58ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 63EE 293 B
621 B 124ms
59ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 63EE 43 B
348 B 212ms
64ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cIlICFmZR4rbGZxU3IZgyUUjo2GQCPxI4yOOO8Os_y9njdKvU8U1Rv4DlYgaW-HSZtHVPwjKzWm4ULMuZwBEFJ06B9KSGuUnU_txM1nQqWhMFe7etgrO-PG-nPLsW3BiKj00dCFPf_lQMJjQifoE8YvBOaKg0FVtwPbdp0rcD9o9_cWSCCeesWsfIbAdEdTpoUwb9s53uKYc7RrenK224sE-gYoZFEsVG-QVVe5qt0O7i_34QJI5GHrhq9lNZRYlOgk4JEY5l3NHrI7FNcJGflh-00sq2VuLmzsZHptjk_V0OJZH1fI8oLCHtvbC_yWkf64gWOPti9mgOCS4ar_fF-iOwFWDQfo07RAL3QLyrt2UunyR0jOcw2fGQckK135YTOkGhAe5VkBxvWk1bQJgBsKlx2oHWJg9Rt79laJlqpXSYRWCYZm-D-7_DTY31SjETKhwY9Hv3lwtmM357cRx2rR4g3ztUCRZRwiEt_MLuZ_T98zV4ckR8Onb3D7JwOq47zRguhFeuo8I5oB66RhALH6SqooFy1bQ_RBoYEdbHcVOh1Xq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1819455
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
cs.mytheresa.com/mix/v3/ Frame 63EE
Redirect Chain

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp...
https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

43 B
990 B

117ms
54ms

Image
image/gif

35.181.77.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANkRcJHUUKAAcfkisN0mYFqE1qtIDNXQ&u=%7CVb43q%2Fm5aCYanP2PpvBojoZ2IVqH4AbQYx1KC9XmQhA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860d9s3YOJM0yQbDq5bWmx7EGq3ZQ71SYtVNNnG_Wojlr0v07S8vvsAF-m12lq-_GPIGI52baQWfJlKxKj-ir5HxBdFf_dZHznWDRANsm-V1j8n266NkQnILOOIrtwGGEHIwFmjwUpS2BOTvyJAqlyW_dcddlFF547BtAnYRuKTyBFHV8sNQXgtYNqTAOvCj75yYWgiXr42VoqoX6MDUmOvQbZrdYaac8TUp_gXRT1CWgKddY_ydOJ23OWVv7y5KO58JjbvPY9IJF5TexQYlR2IheYDCAo-pfcuF9hBQZOb_tRxT6ubcURX93gkFv8Rn-EXogsQTE5LCT44wjcTQpxTuZe0iLP-Q6KI55ooMyG1YyVH1rn0g9YiJ754u2OIMsRXSdWSwwYGh-1sJW8qAZ_eXvG3QIcuj2JmLo8V_1Aghd3Rh7ixe1vlB6bSrCYTLnAdDvUKuGjrrqLD-fPZRWkeoUWjKil-KgN4p2LeUMUUJGBOmgYYK0Peg6DXWOWPByLs_oVgIiN_w0qcvavZDKwTMxpl4oE4qzRqYQlpsTKJM9bho2E6Ub-wbbF7WNlk-AXE-m2p39BjzWFI706UYt_PeN7O7ubMakmNZgL14MJpb0j40X4QoimywSX1l-HrZmalFvmu1Vg8cn4hUW8f_-Skg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu6C4yNbhZJeiNoqK9fgPkr-cgA_kj9KxXP_Q2ZGIAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEjAJP0KO0g8BgZkvijiQMqxxkAnW4xA8wFH8RkxSillhuKllm0WI56gTnobey3BWN6NFvu3SZcQpkzupy3Nty7-2GhETHzNp0bmeDlNl8iIPbvEJMPhVbc7Du_CA9kIhVfTQ3JbzTyzzxl9-ab_hDpMK45t0LhJPbzUAeXWLzX_bOcLpvfEeVJ6B5QwVvYMSOqM8C3fV4Kek5uugweX-Wrta1lLLtlCSwxRfUhENf7jetDbogCsW_jM2yfrGjOYKjt5w3baAFsze-nPagunrhKgILaKBb1d_ALTaivnZr81FX7qdOEgvYkMnvADPFN8-9VYsPCUH4xBlNMzSj_qV4krKgMIJ3azqxnHJWEOsZgAax-PifyOyf2VGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_16WnGcUAX36aTYToVeUqV5c-TP2w%26client%3Dca-pub-2093309234994562%26adurl%3D
Protocol: HTTP/1.1
Server: 35.181.77.138 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: private
date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
server: web
transfer-encoding: chunked
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=486000, pre-check=486000
expires: Sat, 18 Nov 23 11:03:06 +0100

Redirect headers

pragma: private
date: Sun, 20 Aug 2023 09:03:05 GMT
server: web
transfer-encoding: chunked
content-type: text/html
location: https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c878d6aad5f86c12516aca61bc&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control: private, max-age=486000, pre-check=486000
expires: Sat, 18 Nov 23 11:03:05 +0100

PATCH
H/1.1 200
OK 649475174351cd1fbf875b2c Show response
fakeoff.org/api/content/view/article/ 3 B
222 B 1783ms
1782ms XHR
application/json 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/api/content/view/article/649475174351cd1fbf875b2c
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.jquery/jquery.js?v=02a26740e3989d4f8e9d892860fcf1f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 3bcc1340d90b3d55accb9a57998b69708fea2a63c39f7369047469f952ccad4f

Request headers

Accept: */*
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 09:03:07 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Server: nginx
Connection: keep-alive
Content-Length: 3
Content-Type: application/json

GET
H/1.1 200
OK articles Show response
fakeoff.org/api/theme_three/ 5 KB
1 KB 1838ms
1836ms XHR
application/json 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/api/theme_three/articles?term_model=article_type&term_field=article_type&term_alias=news&thumb_type=1&skip=0&count=3&sort=next&exclude=649475174351cd1fbf875b2c
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.jquery/jquery.js?v=02a26740e3989d4f8e9d892860fcf1f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 8032ab741bcb76c5babb353fcf826e94efd8cb47683e804d99cb8566a5e10e1d

Request headers

Accept: */*
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:07 GMT
Cache-Control: public
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/ 154 KB
52 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/reactive_library_fy2021.js?bust=31077198

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85690359a02d3cea7d7b77bcf312c1e8a4fe0f998b17507d6b19f761879002b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53705
x-xss-protection: 0
server: cafe
etag: 2158645682016726194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff
static.criteo.net/design/dt/ Frame 63EE 16 KB
16 KB 245ms
123ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Jun 2018 14:45:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b34f4a7-3fb8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H/1.1 200
OK taxonomy-widget-cloud.js Show response
fakeoff.org/assets/plugins.taxonomy/js/ 114 B
457 B 166ms
165ms Script
application/javascript 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.taxonomy/js/taxonomy-widget-cloud.js?v=95517b528d48a87e0db610b4d31beabd
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.assetman/require.js?v=d5a78f78417c45893271df4f0da06f7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: ec9199f43308d0cd8941a47a405f204570dd70f87694153d776b076e0d9b6828

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 11:54:17 GMT
Server: nginx
ETag: W/"5ba38a69-72"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 63EE 12 KB
5 KB 139ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 621553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th5NaM9ZPr%2BbFe7f2VWU7SB3%2B9n%2BF2hE5TijCDO0vhvkng%2BYLzC8fLGrDHIXrfUm53urGSwP3gaJgtygItATysURIPqYExlyZGxsanOIL%2FywuRkUHIe2%2FeX%2Bga%2FJKyIanBtVV5cxu1MaRoTgQML8Dp5v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f99760bbfa63698-LHR
expires: Fri, 09 Aug 2024 09:03:05 GMT

GET
H2 200 impl.20230816-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 7411 798 KB
166 KB 52ms
52ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aaa5513cdbb249e2a89186d90a196b8cd08297c8d3a26faed2e803db39f33c0e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: k9vSq6tm3Lof1DwGRWtrdhO4v7JpeSDw
content-encoding: br
via: 1.1 varnish
date: Sun, 20 Aug 2023 09:03:05 GMT
x-amz-request-id: K7W2CGSNZZT3WM2H
age: 27414
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169058
x-amz-id-2: vz25+tNMmWUc0b1CflPa8rOrKf5xGawtxfsEv8PkieyE35uXxzRwYtFPo5AaWq2TSvMF3gKWgF0=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Wed, 16 Aug 2023 09:25:47 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692522185.489280,VS0,VE0
etag: "38ee0623c0b223064ec829d11f2dfaac"
vary: Accept-Encoding
content-type: application/javascript
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 49122

GET
H2 200 impl.20230816-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 8F43 798 KB
165 KB 53ms
53ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aaa5513cdbb249e2a89186d90a196b8cd08297c8d3a26faed2e803db39f33c0e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: k9vSq6tm3Lof1DwGRWtrdhO4v7JpeSDw
content-encoding: br
via: 1.1 varnish
date: Sun, 20 Aug 2023 09:03:05 GMT
x-amz-request-id: K7W2CGSNZZT3WM2H
age: 27414
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169058
x-amz-id-2: vz25+tNMmWUc0b1CflPa8rOrKf5xGawtxfsEv8PkieyE35uXxzRwYtFPo5AaWq2TSvMF3gKWgF0=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Wed, 16 Aug 2023 09:25:47 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692522186.513112,VS0,VE0
etag: "38ee0623c0b223064ec829d11f2dfaac"
vary: Accept-Encoding
content-type: application/javascript
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 49123

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 63EE 12 KB
6 KB 65ms
65ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 7 KB
7 KB 201ms
57ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=14984&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F14984%2F230404%2F662d70b8393e4288ae9dc2b148a7d8c8_horizontal%28with_claim%29.png&v=3&w=196&s=iihP2mO-0tMkzWFVAuhS8N_x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a9ed2bda0b81ef3998269bf6412b66bb3c831a22f312478b21d57c353254d382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 7290
expires: Fri, 02 Aug 2024 01:39:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 16 KB
16 KB 282ms
137ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F2f%2FP00811521.jpg&v=3&w=400&s=Z73kOyKYJ-VrPGR-pcXn-tBO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe2a86485d785cf8abdc49d86e493352cacbb5d6dfe45ff070b9c2e570df5785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 16008
expires: Sun, 20 Aug 2023 19:50:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 4 KB
5 KB 353ms
209ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F59%2FP00817218.jpg&v=3&w=400&s=lHfLDru-etm2MxFd4q4Q7RxV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9b98bc0d0d6414ad4d9db4b6ee8ee89b0b9ba37e3e66e22948ace11232c02378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 4510
expires: Sun, 20 Aug 2023 19:07:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 7 KB
7 KB 247ms
103ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F99%2FP00840404.jpg&v=3&w=400&s=RW8tTiTA4_cM144Utdb6HDcf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ccce3de631b2b98790dcfc0c56ba37a071b93a547ad101b08bf12a9e87a0a7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=36803
content-length: 7118
expires: Sun, 20 Aug 2023 10:06:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 9 KB
10 KB 260ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F1b%2FP00817199.jpg&v=3&w=400&s=IciVbt9ftlzUMFDN2zLxohSj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0e55f2f01ee66a22f1a756ea2c7fe005e089dfd9e52294f10b1e5a0b65cd2afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43192
content-length: 9560
expires: Sun, 20 Aug 2023 11:00:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 29 KB
29 KB 308ms
164ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F49%2FP00809648.jpg&v=3&w=400&s=_ngJDWetoyWiQ2w0o5-eUzz3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1aabfc9b0bd3c0f509de662fbf4d8d74e42fc7831125281c950f6e7e029ec27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 29410
expires: Sun, 20 Aug 2023 13:53:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 7 KB
7 KB 158ms
157ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F81%2FP00817208.jpg&v=3&w=400&s=46JdllcWwwd7dzzYgUCg9iDx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

016107894ecac5c2c28638b1cacee90932482e70a6460aba420127b890c0ebfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=42417
content-length: 6676
expires: Sun, 20 Aug 2023 11:17:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 10 KB
11 KB 146ms
145ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fc5%2FP00825056.jpg&v=3&w=400&s=SIMU5z8i7RJft72_exaXmzKt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

186c4b698713ee5d87944f72263e725fc184d11201d37ee3fbd9b96312819a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 10688
expires: Sun, 20 Aug 2023 14:41:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 4 KB
4 KB 162ms
162ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F16%2FP00834276.jpg&v=3&w=400&s=eRMIAGA3IecSFdfpRUHcCjVn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c05d640ce63fa682645c0dca09e72934bc87760f62a6127fceadd73186860fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=900
content-length: 4244
expires: Sun, 20 Aug 2023 09:17:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 63EE 6 KB
7 KB 158ms
158ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F53%2FP00819127.jpg&v=3&w=400&s=ax5Bhn1x2TkM6Glkady6_9G8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61538c645c2e2ea1fb6cf7d7ca6f78b1b90cbed40b09ddb6e4c03db7f37dbf32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=36116
content-length: 6496
expires: Sun, 20 Aug 2023 13:36:33 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 63EE 0
128 B 185ms
55ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=oXO5i9JqmzHu_TBW7BQOUAslvnCV7oFPAx4PJlw123JCrVUfmB-KGrW3UjHbn-seQST0I7EQIlZDyBQkOw77gYBxKsNzkYcbDiIpo1ttRb7zzVg4vjCVzIShx04hauN9_ijPetZj_s__emS5yCVVwhyjCAbI1Y8hk96U9dEqPtYyzjZ8ghfaMlUpQ6u0LnR2a3Q5wkZSJGksTjKGRi24gp3s44cHHZE3_7r7ZA7ke7Lnl12gq5wSgJIzpSZVPYCtMOUFtQ&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 63EE 2 KB
1 KB 58ms
58ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 63EE 2 KB
1 KB 70ms
70ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
DATA 200
OK truncated
/ Frame 7558 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1f358a82c0f7e3ee492ac360dbbbb5699d6f9a5a0ecea975a137c53797fdd58

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame 0D90 233 KB
33 KB 61ms
60ms Stylesheet
text/css 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bd025bf3007ff95742135c35c9b5ea9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 30 May 2023 18:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7049385
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33282
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 30 May 2023 18:28:53 GMT
server: nginx
etag: "64764065-8202"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: hwFA2qmwXiqFcRpSa_G7S4Zw60POr9SeHr2--oI-GCMwtPurS4Gjvw==
expires: Wed, 29 May 2024 18:53:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7558 16 KB
16 KB 165ms
52ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 401811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:26:14 GMT

GET
H2 204 debug
trc-events.taboola.com/disqus-fakeoff/log/2/ Frame 7411 0
90 B 263ms
47ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-fakeoff/log/2/debug?tim=10%3A03%3A05.650&type=info&msg=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&llvl=2&id=4313&cv=20230816-2-RELEASE&lt=deflated&pct=1
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 48037

GET
H2 204 debug
trc-events.taboola.com/disqus-fakeoff/log/2/ Frame 7411 0
89 B 263ms
48ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-fakeoff/log/2/debug?tim=10%3A03%3A05.651&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola%22%2C%22target_type%22%3A%22mix%22%2C%22placement%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Ffakeoff.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22prebidbidisrequired%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22fakeoff%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%7D&llvl=2&id=9967&cv=20230816-2-RELEASE&lt=deflated&pct=1
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 48037

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 4782 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 10343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 06:10:42 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 06:10:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2BA3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42709c4a2cf86fb64369e1625bcc45bb7b53d9814394d840be4d4e3e26b90fdb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 1E07 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 10343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 06:10:42 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 06:10:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame A8AE 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 10343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 06:10:42 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 06:10:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lounge.bundle.bd614871882846aa054257382899bc90.js Show response
c.disquscdn.com/next/embed/ Frame 0D90 513 KB
129 KB 61ms
61ms Script
application/javascript 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.bd614871882846aa054257382899bc90.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bd025bf3007ff95742135c35c9b5ea9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

24426702885b51d96ffa44c1bb007c013df8083778c8cc73c96cc447674adef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 02 Aug 2023 23:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1503529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 130987
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 02 Aug 2023 23:18:56 GMT
server: nginx
etag: "64cae460-1ffab"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: JWNau_Ch0a5GMFum3ZW2SwBBNhaaizir9Ktkvcz-lytm7BAxtCzvQQ==
expires: Thu, 01 Aug 2024 23:24:16 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 0D90 18 KB
19 KB 52ms
52ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bd025bf3007ff95742135c35c9b5ea9f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b6f93e4cc75b593d86626b9ed9013ec0feac6b794eeff8a51de946a22557e2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 25
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18762
X-XSS-Protection: 1; mode=block

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2BA3 33 KB
33 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 359317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 05:14:28 GMT

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 4782 9 KB
4 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:40 GMT

GET
H2 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 4782 11 KB
5 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4782 14 KB
1 KB 67ms
65ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 08:13:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4782 2 KB
892 B 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 4782 23 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4782 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 17:43:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4782 20 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4782 180 KB
56 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 4782 35 KB
15 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H/1.1 200
OK taxonomy-widget-cloud.css
fakeoff.org/assets/plugins.taxonomy/css/ 66 B
386 B 43ms
42ms Stylesheet
text/css 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/assets/plugins.taxonomy/css/taxonomy-widget-cloud.css
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.jquery/jquery.js?v=02a26740e3989d4f8e9d892860fcf1f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 411371f21b96f6ed307eae34c88f7f0cf2d6f273e54f43b02b1cc2a1cbe5a4b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Sep 2018 11:54:17 GMT
Server: nginx
ETag: W/"5ba38a69-42"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 99A8 151 KB
51 KB 104ms
104ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHgJHUv-AA7Opmr4HWaSARYOG4-W8Q&u=%7CWDqi2rV9RTKR0NRilrMNg1r88iWL5WwqCDoIML7PW6k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37CClqiCI6alSJnwhd3xN8L2V_SMwzzqwiuv3ggHv8XbtccpI3wFSwpIXWoTjNwCDKXIhxovw8x_nz1AtoEbZsYmc_tnxoyGZiWDNnDgAwK2CrxOpdjeXRwNcmak-rV1S0vYWf83Nv3Zn1eTZDhGWGk_0N20ypbU4wOw11nGZPOXvrY-pFFvbFGSomp5u3m5UrpT2P70-SMGYsGtH-Fxt6zXKPfzMwQO1ozwtznom8oslOA3Yra2az_rXQmpIlZV3abgZum7dYnXxspSHpRwenEzhRGOjs8t_rRcNOp-nFsDUh0IoDAqHp2oLWhVrm4joJ3bR1BozrEBamWTWwCsjqFBNEBk9XPAorIBfZJuOZwIn12n4zssnQmzyoNhi9PAPMaciD8UfD4m7dYhwGEVWobNFTtvS14gZsMQ5S9AH0CuthpspyeFQZ1nHNOCeQU_b2WUvz3xfACkZWIerdQ4doyGRMugxqt4r5-u-ijFFTVm4fjUs5AGfHyTZ9ASW3fWaS2cGesX_GHxgYpBRfpwWBOLFcKi9tI7sieWI50r_IhSQecqmE4serY0KIwP-bFZhbEiYf8Q6lOezbIWSbGdGGIeN_OkyzXZiwgTn3nufki1T0eHQINihRjM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC4JoyNbhZPiIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0ECfRMQLfa54XCo9CdNbkJRz1NlfGxsE1vF8K1liPhfKthUS64g0b-bBbO-xhXNrs76sO48Rd88hN-PTsibr5wEVmv9gnP3DU2FEIX396AESLG60Tl4N3IwNf2bCpqwICTwyTaKBg5r9Vo0tWlw8wt8ngJykepaAHdfn0DgS0UFaLcyelv1vdC9NyZYEw5AgeVsBCOAm4SotwFbGzZ-X0huN_W-QCyw3lkFQR_R-XwYj8B1lhGPDQCXtLqxSCTWIqhNoWTqOZv4ugbjF7iBYRDG9wibdUMXBCZrWlZLIkU97I1c8UeyJzZwUVF-oWlSPM-oH7LzmIVP48Lvj-iTYw6XjyBWABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NokEMTe_-SSpzlRZ2PViee_ZXQw%26client%3Dca-pub-2093309234994562%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f6bd0d566236c4652a1bd02e00a81152461e493dc57158d9e70fac85360e552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:05 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=sxmJCNJqmzHu_TBWQ-BTZhmUGdH9SimNWx4Xis3rSXXwmQq8qTZpcZHbINGWgwBQ03X1Q3Boq4d7OXKs-F-VNa5iCV-fI00DHtAkPwYZGzwHuyRrB-OWTI8IK7gamgRjHz0KcXqZtUbcyEODFoCx7tcHWLOtdGq8zdjV3TTDA8Pdecc7XCeD4EvEff-9joDsTFP116usY-1I3ixOg988Gsf7bFBN4HRkJfAzB99-_jbw38_qGnUAHPf57xcOeaYzOhDuRg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 44380204
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 1E07 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 17:43:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 1E07 20 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E07 180 KB
56 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C925 148 KB
50 KB 130ms
129ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHkJHUv-AA7OpqQI8dIMJcsphZTYpw&u=%7CWDqi2rV9RTJcEseW55gQ73OB6ltk9708%2Bzz78S2IzA4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37GDgPM9cs2C5t-pCmnfGo9PrP_RFsD6SOXsEjRDoYQtQotOLrotmsCLhQxeGhr1cuSsYJSFvifjjMVwqmRkJ1TkRCrX97scXZgsCry1uJEEUwwj0TMzrpkN5mcDZg0O1JDJZspkbqVVpUTUZ729d9LGZNzXhAGF-Kbb54UVdhbdfhLDdKAQyZL1TDeJKiVd08751O05EqBuEyFTc5qMjiCEU7wBDE_iSwDC0XIzVwmkPsqtZOkONIPlZvrfHXRNKD7XrMAQApZSJLIVqJh3p42QPNUgAG8rs-KVoB1BLiUNqLvJ5j9sVmNe4yBZP2-_UTKWJ6FWz_aG0ssw1R9ly-TOblex6Tmc_fdAkgivIE-r3-ZLgOQ4OF8mTZUgeqQfFi-cY5ETPXvTcEb0vZ0AAVQMbzG85Asg6780xI7IX3-eMmxpoAkG6xCFQRHYhvvMcGbg_UManJOK3LA2QMyGsmWQ869I8i6ltaTfTjkxtDmUkdveI7khMXg7is71VfUbMUP7aP2isYlYfQnobw80WyLvVYNc7O8mhVO1rsOnXuVlEzIX2ywAH47mazaXz3QXipSu4WUVyKTQgnwqguk0qQkiXkKDHaYjpKD12VFvTTDTrZMp0ShuE5S8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkF7MyNbhZPmIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0MhGbYYjqDTYs_P_eJbnyuDK9BdQIjtpMTxRHh-TcUWGzKy_SZCOckqv5jdFLiOQFrXLNslOqQFFhQNM9pbRYlPmJQvsmMD6jE826HYhSmZXSRlIQjD-D9bsMKq3kzmBjBCs7TH0XYh2nX4IuQkf9yceSrPP45jn376bZxHDF1MZTw56d_dKD2S0xpY3BChqEmtD2Zk2kywVULNktNPZHsLR5yF7LscXj6_brU_T-0nDYYwPxwFyKWGnUDI75CXBXdoeY9j1s8_SFPBveTxyEynWbW7XDYIjUM3Uj3VzzrB67mDYcCGIoVDVE_BJ8aVBBpGdCHZWU26_DN5tmj955AllWVuABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TZjfbFO1TF-JY_7RXWoUlXDEVVA%26client%3Dca-pub-2093309234994562%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2dc32330d1534c391b01349fe480597465e0dcbafe4115d7ba783001a450d7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jxW_BtJqmzHu_TBWkyoSe6ZzyPQNn_1e0wE4KwV0ZlFeBEkq4Fooy0XAp1i5jIf311cYb2bEOU5C5jT5q5bEKxUFzC8fhXy2Cb0yYMj1wDjgsbCFOz6o7CBVUblhEh96wmDa_cihgidEimDSDWeWcWE-5EJECK1r6WQsddk5w81rbQWRftdbWc3tEbxb6P4wthy10OctOuODXEDP5idtpRKexqZZu6a5_iVreAl3lpek3iKjvgv2101HD_s5akfyLQmOsw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 45365985
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A8AE 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 17:43:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A8AE 20 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:52:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8AE 180 KB
56 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:03:05 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7558
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4XC7yNbhZKmrNa6t9fgPyfq3uA6qzsi9cIWS25ubDK3K_d8FEAEgkf6nCWC7vpaD0AqgAbC6odcDyAEJqQI9mh0vtj2yPqgDAcgDywSqBJQCT9CU6auZVnV6jSOyr3yAShsRpXzd3s4qAn-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214821025503054970980%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.co.uk%22,%22event_report_window%22:%...

0
0

212ms
97ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214821025503054970980%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226813602306083559633%22}&andc=true

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14821025503054970980","debug_reporting":true,"destination":"https://kayak.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"6813602306083559633"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 09:03:06 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 09:03:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14821025503054970980","debug_reporting":true,"destination":"https://kayak.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"6813602306083559633"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame FEC9 37 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 09:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 09:32:57 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2BA3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtZ51yNbhZJnLNq6t9fgPyfq3uA7Lhq-3covU89TPD4e_pM33ChABIJH-pwlgu76Wg9AKoAGdkJPQA8gBCagDAcgDywSqBJQCT9Avv4Iq0DluCr1NKXZGDSe0Ut6YCHNozZnMjCaz2OBrqY2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211217539676454291098%22,%22debug_reporting%22:true,%22destination%22:%22https://trex.com%22,%22event_report_window%22:%222...

0
0

212ms
98ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211217539676454291098%22,%22debug_reporting%22:true,%22destination%22:%22https://trex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973391901%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22878046684637354417%22}&andc=true

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11217539676454291098","debug_reporting":true,"destination":"https://trex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973391901"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"878046684637354417"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 09:03:06 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 09:03:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11217539676454291098","debug_reporting":true,"destination":"https://trex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973391901"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"878046684637354417"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ru.js Show response
c.disquscdn.com/next/current/embed/lang/ Frame 0D90 35 KB
11 KB 58ms
58ms Script
application/javascript 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/embed/lang/ru.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bd025bf3007ff95742135c35c9b5ea9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

73561a6d0e93b6ed6fb1b0023e47aa88e4b1dec57d58224fcbbb9a7b37f5ce6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 20 Aug 2023 08:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 186
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 11182
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Wed, 02 Aug 2023 23:18:56 GMT
server: nginx
etag: "64cae460-2bae"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
timing-allow-origin: *
x-amz-cf-id: GDi-GHutMEWDiHkG7jnNggLkppzUspYuGo2E04p3tjgsw_k-obrmsw==
expires: Sun, 20 Aug 2023 09:04:59 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4164 37 KB
14 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 09:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 09:32:57 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 99A8 2 KB
1 KB 65ms
65ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHgJHUv-AA7Opmr4HWaSARYOG4-W8Q&u=%7CWDqi2rV9RTKR0NRilrMNg1r88iWL5WwqCDoIML7PW6k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37CClqiCI6alSJnwhd3xN8L2V_SMwzzqwiuv3ggHv8XbtccpI3wFSwpIXWoTjNwCDKXIhxovw8x_nz1AtoEbZsYmc_tnxoyGZiWDNnDgAwK2CrxOpdjeXRwNcmak-rV1S0vYWf83Nv3Zn1eTZDhGWGk_0N20ypbU4wOw11nGZPOXvrY-pFFvbFGSomp5u3m5UrpT2P70-SMGYsGtH-Fxt6zXKPfzMwQO1ozwtznom8oslOA3Yra2az_rXQmpIlZV3abgZum7dYnXxspSHpRwenEzhRGOjs8t_rRcNOp-nFsDUh0IoDAqHp2oLWhVrm4joJ3bR1BozrEBamWTWwCsjqFBNEBk9XPAorIBfZJuOZwIn12n4zssnQmzyoNhi9PAPMaciD8UfD4m7dYhwGEVWobNFTtvS14gZsMQ5S9AH0CuthpspyeFQZ1nHNOCeQU_b2WUvz3xfACkZWIerdQ4doyGRMugxqt4r5-u-ijFFTVm4fjUs5AGfHyTZ9ASW3fWaS2cGesX_GHxgYpBRfpwWBOLFcKi9tI7sieWI50r_IhSQecqmE4serY0KIwP-bFZhbEiYf8Q6lOezbIWSbGdGGIeN_OkyzXZiwgTn3nufki1T0eHQINihRjM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC4JoyNbhZPiIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0ECfRMQLfa54XCo9CdNbkJRz1NlfGxsE1vF8K1liPhfKthUS64g0b-bBbO-xhXNrs76sO48Rd88hN-PTsibr5wEVmv9gnP3DU2FEIX396AESLG60Tl4N3IwNf2bCpqwICTwyTaKBg5r9Vo0tWlw8wt8ngJykepaAHdfn0DgS0UFaLcyelv1vdC9NyZYEw5AgeVsBCOAm4SotwFbGzZ-X0huN_W-QCyw3lkFQR_R-XwYj8B1lhGPDQCXtLqxSCTWIqhNoWTqOZv4ugbjF7iBYRDG9wibdUMXBCZrWlZLIkU97I1c8UeyJzZwUVF-oWlSPM-oH7LzmIVP48Lvj-iTYw6XjyBWABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NokEMTe_-SSpzlRZ2PViee_ZXQw%26client%3Dca-pub-2093309234994562%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 99A8 2 KB
1 KB 66ms
65ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 99A8 308 B
636 B 63ms
62ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 99A8 293 B
621 B 61ms
60ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 99A8 43 B
347 B 55ms
54ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=7QtZh1mZR4rbGZxU3IZgyUUjo2ETqQeSlY4rj2zOhhL5jlxCrQNT6uunZ7y8FgE8lrhm8OwVcoc1doiXmAFP6DkpO9HOSWZF7GfOtuqMCvcH_BvR3ke30pwAdovo-pZ0m0zHewawidQuiwkxNpMxBHXQ-dNW2a2ifqBQQ7F5cv51mpI7LYfChZAdpRfdJ_AGHw3mYTwDSbEety200140IVG8URxHF6vBUzVmBLCo02rb8Df8TQcbqdyhDV98lATd3spegS5DC0jXOOYi2LGJKLsDBj_aSfLQdatAe01BtkMOuleF1e8WRHEYXL0YhYIQwhi0VhDMPv_BuVOD66P6UOmym13DytP-zYRrwzHH2dereZl-Trr1aSHT9mhs9EbfEkuRBmYSOQl8IyeNQdaasSsRfx0_nHxFLmJF6uq28UI6evvPMPXOngL2VQwtJYlDJ3XYEOlPlNDDZ09WvX0fmsDCe699O4sIxLjLU3mYZhR3wmkg-oC9vukfcrRGZEtz1BBJph0_vfZbNX8Xsl4QMUpidtFa2cpiP2r3Lb_rQvSt7Q-l

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1428068
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
cs.mytheresa.com/mix/v3/ Frame 99A8
Redirect Chain

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp...
https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

43 B
990 B

79ms
79ms

Image
image/gif

35.181.77.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHgJHUv-AA7Opmr4HWaSARYOG4-W8Q&u=%7CWDqi2rV9RTKR0NRilrMNg1r88iWL5WwqCDoIML7PW6k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37CClqiCI6alSJnwhd3xN8L2V_SMwzzqwiuv3ggHv8XbtccpI3wFSwpIXWoTjNwCDKXIhxovw8x_nz1AtoEbZsYmc_tnxoyGZiWDNnDgAwK2CrxOpdjeXRwNcmak-rV1S0vYWf83Nv3Zn1eTZDhGWGk_0N20ypbU4wOw11nGZPOXvrY-pFFvbFGSomp5u3m5UrpT2P70-SMGYsGtH-Fxt6zXKPfzMwQO1ozwtznom8oslOA3Yra2az_rXQmpIlZV3abgZum7dYnXxspSHpRwenEzhRGOjs8t_rRcNOp-nFsDUh0IoDAqHp2oLWhVrm4joJ3bR1BozrEBamWTWwCsjqFBNEBk9XPAorIBfZJuOZwIn12n4zssnQmzyoNhi9PAPMaciD8UfD4m7dYhwGEVWobNFTtvS14gZsMQ5S9AH0CuthpspyeFQZ1nHNOCeQU_b2WUvz3xfACkZWIerdQ4doyGRMugxqt4r5-u-ijFFTVm4fjUs5AGfHyTZ9ASW3fWaS2cGesX_GHxgYpBRfpwWBOLFcKi9tI7sieWI50r_IhSQecqmE4serY0KIwP-bFZhbEiYf8Q6lOezbIWSbGdGGIeN_OkyzXZiwgTn3nufki1T0eHQINihRjM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC4JoyNbhZPiIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0ECfRMQLfa54XCo9CdNbkJRz1NlfGxsE1vF8K1liPhfKthUS64g0b-bBbO-xhXNrs76sO48Rd88hN-PTsibr5wEVmv9gnP3DU2FEIX396AESLG60Tl4N3IwNf2bCpqwICTwyTaKBg5r9Vo0tWlw8wt8ngJykepaAHdfn0DgS0UFaLcyelv1vdC9NyZYEw5AgeVsBCOAm4SotwFbGzZ-X0huN_W-QCyw3lkFQR_R-XwYj8B1lhGPDQCXtLqxSCTWIqhNoWTqOZv4ugbjF7iBYRDG9wibdUMXBCZrWlZLIkU97I1c8UeyJzZwUVF-oWlSPM-oH7LzmIVP48Lvj-iTYw6XjyBWABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NokEMTe_-SSpzlRZ2PViee_ZXQw%26client%3Dca-pub-2093309234994562%26adurl%3D
Protocol: HTTP/1.1
Server: 35.181.77.138 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: private
date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
server: web
transfer-encoding: chunked
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=486000, pre-check=486000
expires: Sat, 18 Nov 23 11:03:06 +0100

Redirect headers

pragma: private
date: Sun, 20 Aug 2023 09:03:06 GMT
server: web
transfer-encoding: chunked
content-type: text/html
location: https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c97f513603c7ff6b2b0c93b77b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control: private, max-age=486000, pre-check=486000
expires: Sat, 18 Nov 23 11:03:06 +0100

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4782
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CfoZYyNbhZPeIN_6X9fgPpp270Aimud-1ctPlve_BEf_1kOPXAhABIJH-pwlgu76Wg9AKoAHTsfnIA8gBAakCm6q-rTRdtT6oAwHIA8sEqgSUAk_Q1ZHIOLrpBn20tS15nikvI7VBFV_Bq-F...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222577753308604162377%22,%22debug_reporting%22:true,%22destination%22:%22https://rs-thinkhub.com%22,%22event_report_window%2...

0
0

212ms
98ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222577753308604162377%22,%22debug_reporting%22:true,%22destination%22:%22https://rs-thinkhub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22958290131%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221962633711629708993%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2577753308604162377","debug_reporting":true,"destination":"https://rs-thinkhub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["958290131"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"1962633711629708993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 09:03:06 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 09:03:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2577753308604162377","debug_reporting":true,"destination":"https://rs-thinkhub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["958290131"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"1962633711629708993"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 270A 143 B
166 B 60ms
59ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 08:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4782 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f43ec6bfbd5bb228c0125be74bc01b4994549d4a9bdaa4a80a2dac55a4f9064

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C925 2 KB
1 KB 60ms
59ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHkJHUv-AA7OpqQI8dIMJcsphZTYpw&u=%7CWDqi2rV9RTJcEseW55gQ73OB6ltk9708%2Bzz78S2IzA4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37GDgPM9cs2C5t-pCmnfGo9PrP_RFsD6SOXsEjRDoYQtQotOLrotmsCLhQxeGhr1cuSsYJSFvifjjMVwqmRkJ1TkRCrX97scXZgsCry1uJEEUwwj0TMzrpkN5mcDZg0O1JDJZspkbqVVpUTUZ729d9LGZNzXhAGF-Kbb54UVdhbdfhLDdKAQyZL1TDeJKiVd08751O05EqBuEyFTc5qMjiCEU7wBDE_iSwDC0XIzVwmkPsqtZOkONIPlZvrfHXRNKD7XrMAQApZSJLIVqJh3p42QPNUgAG8rs-KVoB1BLiUNqLvJ5j9sVmNe4yBZP2-_UTKWJ6FWz_aG0ssw1R9ly-TOblex6Tmc_fdAkgivIE-r3-ZLgOQ4OF8mTZUgeqQfFi-cY5ETPXvTcEb0vZ0AAVQMbzG85Asg6780xI7IX3-eMmxpoAkG6xCFQRHYhvvMcGbg_UManJOK3LA2QMyGsmWQ869I8i6ltaTfTjkxtDmUkdveI7khMXg7is71VfUbMUP7aP2isYlYfQnobw80WyLvVYNc7O8mhVO1rsOnXuVlEzIX2ywAH47mazaXz3QXipSu4WUVyKTQgnwqguk0qQkiXkKDHaYjpKD12VFvTTDTrZMp0ShuE5S8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkF7MyNbhZPmIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0MhGbYYjqDTYs_P_eJbnyuDK9BdQIjtpMTxRHh-TcUWGzKy_SZCOckqv5jdFLiOQFrXLNslOqQFFhQNM9pbRYlPmJQvsmMD6jE826HYhSmZXSRlIQjD-D9bsMKq3kzmBjBCs7TH0XYh2nX4IuQkf9yceSrPP45jn376bZxHDF1MZTw56d_dKD2S0xpY3BChqEmtD2Zk2kywVULNktNPZHsLR5yF7LscXj6_brU_T-0nDYYwPxwFyKWGnUDI75CXBXdoeY9j1s8_SFPBveTxyEynWbW7XDYIjUM3Uj3VzzrB67mDYcCGIoVDVE_BJ8aVBBpGdCHZWU26_DN5tmj955AllWVuABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TZjfbFO1TF-JY_7RXWoUlXDEVVA%26client%3Dca-pub-2093309234994562%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame C925 2 KB
1 KB 62ms
60ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C925 308 B
636 B 127ms
126ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C925 293 B
621 B 128ms
127ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 14 Aug 2024 09:03:05 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C925 43 B
347 B 55ms
55ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Af_9gFmZR4rbGZxU3IZgyUUjo2F0enz5Aw5TpP5tC4q9MgVD6ac5rj9Lm-EwVU9E4L2TDqXHcVrWSujvtAJokyyL9-dtcTqPgmdEVSqq-03gKWOY8ASnxKmnG4tlLs8aG-V5GwsBbwwRz8YTS4xv8I6wZaANhNths5hZaBZGwo1U2qbMR9-79wEcHEy_rBWTqc8gsGjzEJFN2C-JIVK4vyJYarYKhKgjALD1r1HMXEZY3MshWWAjU1j2Kui8jBdMttd9GBLgigikXmJdbqMjh2AS24blNGYTwTikDnq05_XQVlNLcz-WeBU5dC4UdAtCoWk3w_vOka-1AfS2ZJsoR6fZ7RWArkNSAJXDXLB55AwiCjot9O4wi4j_aLMyU3DoYGbttCzY5kQPCF6b1bZ-ZUds6KWZPa4ap-C8-p0eupq9gidTinfdKKXuxKlMFZ-iyKiQOqIxB_awwURNUQJAvIpX535UYpw5ny5oaLFfzZqiu0l2DaKjr0_U58u_uvA8ZeOTethsRuQs-KGlICiluEUEByHV-oEkKxgwEbwr6IYW-CVu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1500463
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
cs.mytheresa.com/mix/v3/ Frame C925
Redirect Chain

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp...
https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

43 B
990 B

60ms
60ms

Image
image/gif

35.181.77.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOHWyAANxHkJHUv-AA7OpqQI8dIMJcsphZTYpw&u=%7CWDqi2rV9RTJcEseW55gQ73OB6ltk9708%2Bzz78S2IzA4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zq6ctsu8xxkTCLTX116eI_BkMpjUbFs37GDgPM9cs2C5t-pCmnfGo9PrP_RFsD6SOXsEjRDoYQtQotOLrotmsCLhQxeGhr1cuSsYJSFvifjjMVwqmRkJ1TkRCrX97scXZgsCry1uJEEUwwj0TMzrpkN5mcDZg0O1JDJZspkbqVVpUTUZ729d9LGZNzXhAGF-Kbb54UVdhbdfhLDdKAQyZL1TDeJKiVd08751O05EqBuEyFTc5qMjiCEU7wBDE_iSwDC0XIzVwmkPsqtZOkONIPlZvrfHXRNKD7XrMAQApZSJLIVqJh3p42QPNUgAG8rs-KVoB1BLiUNqLvJ5j9sVmNe4yBZP2-_UTKWJ6FWz_aG0ssw1R9ly-TOblex6Tmc_fdAkgivIE-r3-ZLgOQ4OF8mTZUgeqQfFi-cY5ETPXvTcEb0vZ0AAVQMbzG85Asg6780xI7IX3-eMmxpoAkG6xCFQRHYhvvMcGbg_UManJOK3LA2QMyGsmWQ869I8i6ltaTfTjkxtDmUkdveI7khMXg7is71VfUbMUP7aP2isYlYfQnobw80WyLvVYNc7O8mhVO1rsOnXuVlEzIX2ywAH47mazaXz3QXipSu4WUVyKTQgnwqguk0qQkiXkKDHaYjpKD12VFvTTDTrZMp0ShuE5S8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkF7MyNbhZPmIN_6X9fgPpp270Ajkj9KxXJfS54SzAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEhQJP0MhGbYYjqDTYs_P_eJbnyuDK9BdQIjtpMTxRHh-TcUWGzKy_SZCOckqv5jdFLiOQFrXLNslOqQFFhQNM9pbRYlPmJQvsmMD6jE826HYhSmZXSRlIQjD-D9bsMKq3kzmBjBCs7TH0XYh2nX4IuQkf9yceSrPP45jn376bZxHDF1MZTw56d_dKD2S0xpY3BChqEmtD2Zk2kywVULNktNPZHsLR5yF7LscXj6_brU_T-0nDYYwPxwFyKWGnUDI75CXBXdoeY9j1s8_SFPBveTxyEynWbW7XDYIjUM3Uj3VzzrB67mDYcCGIoVDVE_BJ8aVBBpGdCHZWU26_DN5tmj955AllWVuABrH4-J_I7J_ZUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TZjfbFO1TF-JY_7RXWoUlXDEVVA%26client%3Dca-pub-2093309234994562%26adurl%3D
Protocol: HTTP/1.1
Server: 35.181.77.138 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: private
date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
server: web
transfer-encoding: chunked
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=486000, pre-check=486000
expires: Sat, 18 Nov 23 11:03:06 +0100

Redirect headers

pragma: private
date: Sun, 20 Aug 2023 09:03:06 GMT
server: web
transfer-encoding: chunked
content-type: text/html
location: https://cs.mytheresa.com/mix/v3/?tc_id=202308201103056700847817&tcs=3504&rand=64e1d6c9ff32e49e688f00cce135ea2b&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control: private, max-age=486000, pre-check=486000
expires: Sat, 18 Nov 23 11:03:06 +0100

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 99A8 12 KB
5 KB 51ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 621553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adiE6Hs2JIuQOB%2BZyDc0Zf8HMv8ky0hpdTNH5ezbEd1%2FEYlvWbQzcSfPZYA03l6q4kLBYPJw8%2BU6OVcAQm5%2B81KcgHGhwHo%2Ff3nOh7FQG4RpRWYk4BBc96rjZzznxwQKrrexc01pwk92wiCMkKhwRwQl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f99760e3b8a3698-LHR
expires: Fri, 09 Aug 2024 09:03:05 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 99A8 12 KB
6 KB 70ms
70ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:05 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 99A8 0
127 B 122ms
113ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=sxmJCNJqmzHu_TBWQ-BTZhmUGdH9SimNWx4Xis3rSXXwmQq8qTZpcZHbINGWgwBQ03X1Q3Boq4d7OXKs-F-VNa5iCV-fI00DHtAkPwYZGzwHuyRrB-OWTI8IK7gamgRjHz0KcXqZtUbcyEODFoCx7tcHWLOtdGq8zdjV3TTDA8Pdecc7XCeD4EvEff-9joDsTFP116usY-1I3ixOg988Gsf7bFBN4HRkJfAzB99-_jbw38_qGnUAHPf57xcOeaYzOhDuRg&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 99A8 2 KB
1 KB 125ms
116ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:06 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 99A8 2 KB
1 KB 123ms
114ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 218ms
90ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 09:03:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 215ms
90ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 09:03:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C925 12 KB
5 KB 49ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 621554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSaAY2Av2kuAmrodXWC3ZE9s2pgipeLfs3aAlAY9OBr5ngorzN2cY4cuIwA%2Bb%2FxVmBhIDo4QcFit6eNB8avIg2CwEk8FKT%2Bqlcs31s0rIvvg5zGr9zSc2HClA8Z6Cc%2F9s9c36QAlnzwjDUtRdH05QWG1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f99760f0b797333-LHR
expires: Fri, 09 Aug 2024 09:03:06 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C925 12 KB
6 KB 67ms
67ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:06 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C925 0
127 B 56ms
56ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jxW_BtJqmzHu_TBWkyoSe6ZzyPQNn_1e0wE4KwV0ZlFeBEkq4Fooy0XAp1i5jIf311cYb2bEOU5C5jT5q5bEKxUFzC8fhXy2Cb0yYMj1wDjgsbCFOz6o7CBVUblhEh96wmDa_cihgidEimDSDWeWcWE-5EJECK1r6WQsddk5w81rbQWRftdbWc3tEbxb6P4wthy10OctOuODXEDP5idtpRKexqZZu6a5_iVreAl3lpek3iKjvgv2101HD_s5akfyLQmOsw&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C925 2 KB
1 KB 59ms
58ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:06 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C925 2 KB
1 KB 61ms
61ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 141ms
91ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 09:03:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 0D90 3 KB
3 KB 150ms
149ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=fakeoff&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bd025bf3007ff95742135c35c9b5ea9f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

84ccabb116fb1e7257f5a8ca64c57b0181e46aaeec52caa45432992f186a9e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:06 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3077
X-XSS-Protection: 1; mode=block

GET
H2 200 a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff
static.criteo.net/design/dt/ Frame 99A8 16 KB
16 KB 161ms
161ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Jun 2018 14:45:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b34f4a7-3fb8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 270A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
73ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:06 GMT
expires: Sun, 20 Aug 2023 09:03:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame E144 37 KB
14 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 09:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 09:32:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5C06 0
19 B 97ms
96ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsioFyNbhZJeiNoqK9fgPkr-cgA_kj9KxXP_Q2ZGIAcCNtwEQASAAYLu-loPQCoIBF2NhLXB1Yi0yMDkzMzA5MjM0OTk0NTYyyAEJqQKbqr6tNF21PqgDAcgDAqoEiQJP0KO0g8BgZkvijiQMqxxkAnW4xA8wFH8RkxSillhuKllm0WI56gTnobey3BWN6NFvu3SZcQpkzupy3Nty7-2GhETHzNp0bmeDlNl8iIPbvEJMPhVbc7Du_CA9kIhVfTQ3JbzTyzzxl9-ab_hDpMK45t0LhJPbzUAeXWLzX_bOcLpvfEeVJ6B5QwVvYMSOqM8C3fV4Kek5uugweX-Wrta1lLLtlCSwxRfUhENf7jetDbogCsW_jM2yfrGjOYKjt5w3baAFsze-nPagunrhKgILaKBb1d_ALTaivnZr81FX7qdOEknasVs8osHApD2yzQhrler70BPxORq7JSvj9i4Bj5xbc-s2dnfFgAax-PifyOyf2VGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjA5MzMwOTIzNDk5NDU2MhgA&sigh=3MQ3ewqeK0Q&uach_m=[UACH]&cid=CAQSGwBpAlJWtUETHcSrUp2fzsYYPrPW0OFOvEoT5BgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=5416012684&adk=864902465&adf=1223954278&pi=t.ma~as.5416012684&w=1140&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=1140x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184581&bpp=1&bdt=772&idt=256&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cgnu32ju4S&p=https%3A//fakeoff.org&dtd=259
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 09:03:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 5C06 0
126 B 198ms
58ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=ksicF7_6RPQImAKH-lcYAgAAANYw1trenZdiPY9XCBDI1uFkvfOTO7wzOrKhdQAAEgAACgpBUVVCRHdFQkR3&wp=ZOHWyAANkRcJHUUKAAcfkisN0mYFqE1qtIDNXQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:05 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 151784
server: Kestrel
content-length: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 0D90 11 KB
874 B 75ms
74ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 08:16:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 09:03:06 GMT

GET
H2 200 a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff
static.criteo.net/design/dt/ Frame C925 16 KB
16 KB 115ms
115ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Jun 2018 14:45:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b34f4a7-3fb8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 09:03:06 GMT

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 67ms
67ms Script
application/javascript 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: fakeoff.disqus.com
URL: https://fakeoff.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 16 Mar 2023 10:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 13558277
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Mar 2023 09:36:57 GMT
server: nginx
etag: "64006e39-67d2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: ioIwOL5d0WQr7Bzo0_odjzuAA5nPMdkDrH4GphnD1Ii0pEb8WGFxjQ==
expires: Fri, 15 Mar 2024 10:51:49 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0D90 13 KB
13 KB 71ms
71ms Image
image/svg+xml 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 15 Jan 2023 02:16:14 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 18773212
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jbd7kVSXGtBw2By7P3oyyljhayfLtulNVek15pYqxQR8suzIGIa7pg==
expires: Mon, 15 Jan 2024 02:16:14 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 0D90 3 KB
3 KB 70ms
69ms Image
image/gif 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 12 Jan 2023 03:03:01 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 19029605
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: e4nsIeSL0VY5gLdAxdq4RZTBFD2O3ACegPA2W9uQsXyeZKYz5_NtEg==
expires: Fri, 12 Jan 2024 03:03:01 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0D90 840 B
1 KB 70ms
69ms Image
image/svg+xml 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 19 Apr 2023 18:37:18 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 10592748
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 18 Apr 2023 23:42:29 GMT
server: nginx
etag: "643f2ae5-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: V7lJ-Xyml76dm-aNxMdLaxTuHWIhxkOTF7HhUeDNs4QuDnfDDF7iXw==
expires: Thu, 18 Apr 2024 18:37:18 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0D90 891 B
1 KB 71ms
70ms Image
image/svg+xml 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 28 Jan 2023 10:59:15 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 17618631
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HdR-oSnT-UkL11wjClkLuLWWSWdh_Qs1tAx7_2We_1RZZgYiYdtSdg==
expires: Sun, 28 Jan 2024 10:59:15 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0D90 605 B
1 KB 71ms
70ms Image
image/svg+xml 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 07:05:35 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 18583051
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WUZnoEBJlufc6Ko_Vczs1fFQ7r8MZ8B1JuThH-8wcP9solrBWsjYrA==
expires: Wed, 17 Jan 2024 07:05:35 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 0D90 2 KB
2 KB 71ms
71ms Image
image/png 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 06:16:10 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 18586016
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: c30LTuBR_fTxNg2EtMoqWe7h1wTXM709bfiRMH4DmjCkw7tG5BIatQ==
expires: Wed, 17 Jan 2024 06:16:10 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 0D90 8 KB
8 KB 61ms
61ms Font
application/octet-stream 2600:9000:2057:3800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 22 Jul 2023 02:00:22 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 2530964
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 12 Jul 2023 14:04:56 GMT
server: nginx
etag: "64aeb308-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: eEHKGYHt7-iJ4m1_Mb4taw6cvKI25WnW6uST9xZFS6GU1VmRWlPRjw==
expires: Sun, 21 Jul 2024 02:00:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 15 KB
16 KB 57ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 78889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 11:08:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 9 KB
10 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:26:59 GMT
x-content-type-options: nosniff
age: 41767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 21:26:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 15 KB
15 KB 68ms
67ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 298490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:08:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 9 KB
9 KB 80ms
79ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 14:57:56 GMT
x-content-type-options: nosniff
age: 324310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 14:57:56 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 17 KB
17 KB 94ms
93ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 07:27:52 GMT
x-content-type-options: nosniff
age: 178514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:27:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 16 KB
16 KB 95ms
95ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 401812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:26:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 10 KB
10 KB 103ms
103ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 10:38:28 GMT
x-content-type-options: nosniff
age: 167078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 10:38:28 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D90 17 KB
17 KB 107ms
107ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:27:18 GMT
x-content-type-options: nosniff
age: 131748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:27:18 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 0D90 43 B
339 B 147ms
147ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=675&event=init_embed&thread=9745396536&forum=fakeoff&forum_id=3456147&imp=29pcvgr38faa08&thread_slug=_venomnetwork&user_type=anon&referrer=https%3A%2F%2Ffakeoff.org%2F&theme=next&dnt=0&tracking_enabled=0&experiment=prebidbidisrequired&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=fakeoff&t_i=%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_u=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&t_d=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&t_t=%D0%9A%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B8%D0%B9%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%20%D0%9E%D0%90%D0%AD%20venom.network%20%E2%80%93%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%BA%D0%B0%D0%BC&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
389 B 193ms
53ms Image
image/gif 143.204.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=9.707901680812535
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-42.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:04 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-length: 43
x-amz-cf-id: CvnQbUgbsqvY38BxHHIByeOQUmszHAWc3RHKZ_8X-EVma1pUzNn-NQ==

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
387 B 194ms
53ms Image
image/gif 143.204.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=9.707901680812535
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-42.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:04 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-length: 43
x-amz-cf-id: a0oovCc65dfUYID3W9rL01U4phGu94QZ-fa7FKGaSMZ7SPIvQE2hUg==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 209ms
102ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d5e8db7b7e834585a1f20bb99db5a173ed2585d9ab2e2058cf2c676e5092835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11884
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7558 42 B
64 B 158ms
157ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUlSj6c68bLQkQNI9Kp8i5g780l3nYlpkmYR1oB8S5uOvz5Pidzlu21zxw9bdIBUHOX75EwVZw8AVofBjGtm5HVsxo2BBGeRP-Std_ikOnTWf8wjvB67gjQAFcwqytz3bw7TQ0-wr5OS5B&sai=AMfl-YRz2lZKKGGbkwcFaNXDGIqf7br2EctZkoHrQaXixwwO1heeu8Tg4Kua0WKxHAsx4tH9tvtclCq82y2o&sig=Cg0ArKJSzFl-zEAxAsWUEAE&cid=CAQSGwBpAlJWVyzU0sngQDcIpJd7yagwrYEsBr9ElxgB&id=lidar2&mcvt=1000&p=0,0,280,890&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=762166867&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692522184826&rpt=1015&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:03:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 09:03:06 GMT

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 358 B
787 B 202ms
86ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 71418c6d0ee61c20c36f70359bf1af18cbd72966e6007bf2fd961f2b68c9dcf2

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 09:03:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://fakeoff.org
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 358
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B6E 13 KB
5 KB 54ms
52ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 08:47:01 GMT
expires: Mon, 19 Aug 2024 08:47:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D3FB 829 B
995 B 63ms
62ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b7660fd238f38896de08fb319606535a749bed0ca10fe946e3368442433e444

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KxnALDIh7j6XFdC6EreP3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-KxnALDIh7j6XFdC6EreP3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:03:06 GMT
expires: Sun, 20 Aug 2023 09:03:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D3FB 0
0 200ms
200ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=4139042205702122&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B6E 37 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 09:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 09:32:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6B6E 0
10 B 52ms
52ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N47LSw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 403
Forbidden sync.gif
links.services.disqus.com/api/ 0
0 81ms
81ms Image
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
469 B 194ms
85ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: bc4aa659c0fc4f9ae99f61f8281bcb0e0c919d8d0e84ece089f41ab35eac50d1

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 09:03:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://fakeoff.org
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4782 42 B
64 B 158ms
157ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty-A7il5J8ZdL9FUnnm0QdKX0703-cGQlMnG0FK_g9Hy_1Qjkljg220XHLxaaNNSJIH57OruIb8Zvdj6HpH1eCtFvbZMFKLpIXz4flFwwM9Ewl3XMjCM3Jth8cCZFyEStCIYOAs4RJFgeJ&sai=AMfl-YS5nwRTsQDM9HWfv1PofT0DlD7hVdEOhddSQ_WfMhiu5KjOdU1srLuMVdko7CPZyYFNbreNaxefGMGI&sig=Cg0ArKJSzGHJd6L0K8-QEAE&cid=CAQSGwBpAlJWwrzX8GJDn2Jq4IwkLshSfM5Bq1lpEBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=246,822,1000,1000,1000&tos=246,576,178,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692522185668&rpt=529&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:03:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK articles Show response
fakeoff.org/api/theme_three/ 4 KB
1 KB 881ms
881ms XHR
application/json 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/api/theme_three/articles?term_model=article_type&term_field=article_type&term_alias=news&thumb_type=2&skip=0&count=2&sort=recommended&exclude=649475174351cd1fbf875b2c%2C64e06f374351cd4e72b203df%2C64e063264351cd4e71b203df%2C64dfc5554351cd0d59899800
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.jquery/jquery.js?v=02a26740e3989d4f8e9d892860fcf1f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: e2b15ce77d0872a33778e11fbbae305db9c901923065fcd2606e048de0830f8e

Request headers

Accept: */*
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:08 GMT
Cache-Control: public
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H/1.1 200
OK 64e06f294351cd4e70b203e0.jpg
fakeoff.org/image/resize/400/350/64/e0/ 21 KB
21 KB 134ms
134ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/400/350/64/e0/64e06f294351cd4e70b203e0.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: f19516879e053f2a441ccdb8c04f5084d5a0cbdf3c0942e75b39ad2341fb7744

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Aug 2023 07:43:07 GMT
Server: nginx
ETag: W/"64e0728b-5466"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 64e060d94351cd4e70b203de.jpg
fakeoff.org/image/resize/400/350/64/e0/ 27 KB
28 KB 236ms
235ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/400/350/64/e0/64e060d94351cd4e70b203de.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: ec071cee1b00bd382dd164ef5c02ee0435a62cc85a4bab41c613c2ad256356a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Aug 2023 06:40:19 GMT
Server: nginx
ETag: W/"64e063d3-6d84"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 64dfc4894351cd0d598997fe.jpeg
fakeoff.org/image/resize/400/350/64/df/ 16 KB
16 KB 188ms
187ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/400/350/64/df/64dfc4894351cd0d598997fe.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 23e13658f8b922ebbf93527ff9fa010f9fd4f4ab67db188b015d264eb316e8b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Aug 2023 19:25:23 GMT
Server: nginx
ETag: W/"64dfc5a3-40c3"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 42 B
470 B 82ms
82ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0aa39660d34a955ff754aa0b19433c2c83892c391d78ac735b55152e91dd531c

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 09:03:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://fakeoff.org
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 206ms
206ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=4139042205702122&bg=!ZmWlZTHNAAZGPLJIZjw7ADkAdvg8WgyMIx-T4F2k1TadlOY97sdgml55IGnA3q5LxnmdbJBw3pfjmP79vy30M_fG4XZJo8DaBe8CAAAAVFIAAAAGaAEHCgC1Fgye_KPmdeURuUE6BuPNzBgRy8006S3HGx4MjyEnD69j11UBCAUwIG3fnAKa5I1s3lSpt5IV18Kr9KY0mcxmX6HpiSbHcDEfTNORlmh2ANpvvhmPyrBrKFV3ooxE7HBPHL_nAatqLMwRzkGdkLBHKKNviQCGgRm82vCG4Y0gp_m5T1NoRpo7c4aqYFxP9nY5bHm0vE-emi1PT61QzXbSGw8ndc2K5Ymi1oDCenLExYw7ummnZZkCvKex2b6cIbTtuGUBOadw6YCkFjXgi1-rq7PqXwBjGaeCzCcwoBFOtJOFuvbCKhlgL7mPyiL6Ak417zAO5LIVxGIRWsWrtncUtdnEwLDzSTWkE8z-vhelS94hvL-Yzwr24w9DD442FyGzgaME7vIr-0Pae8RTAxokQ2tZx4CAV3VW9cukGz0S0DV6YJHJ7S3OzppEBjMdcdUl0uSh1iPsn0BQt36jCut8gaO5YrKUjuSoCFKXLFQ0z48C555pvW5eKkTY6iMLqpWnGaR-krVCB-CN3G0VPCWEohl82V-B64ZPzQxI2M9OSjGCbL-vjXbIQvsA2k8UnxghHc8htU9OYZzV3cuO_gMY1xHokMx7moM5zcjQXafBbNL2ps5tF8-RVxRL8GF00gbtYfx1hTUeXgsQW-o7NCoYAVF2r-9BgCiQW6KGS_6zO0pEdnxiao2_W146KJzfuswO2VfaIJWUExAKUo8x0qj8mmmIMaACeki2pPZvxUA-dX5pD3mzVkzrH4uaQ_YQjiwyUYv6bXLQ4XdAOkRqxzArZjJ2qabXVpuuDJb-jEoUX51v_AYcFle3sam2C029i5wUWV2JnEPDFQw4Ik9YwRVzQhZB90XNh5yk0smgZkAmsenPBOhumV4a1N5Hd9KdWlBmJk2GHEpOor40hxqI9hOnhiKotkZwxCFYwTepFzur6Gi_yAFXzBwsgpFGyeNad44KjPFVauk_zHQjO_PA22FC8Z0yZXcOL3sNUKeleJ6E4V5B9rff4KvtOIhL9_dzusUsY3mf6xRqqJPnExfCeWPpbibrReGbypwkrVBY1xiwizvCXfiFXKYfma_5FI_1DV640SJpKDOM6IJoVF0EQlRuhmLdEjF0Ni2FqrpD7eUvF2dv3MFqyLfsc1dJ7-VypDB80JwZZ6Jb_u3PTh4-i7uLrHxOiqU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H/1.1 200
OK articles Show response
fakeoff.org/api/theme_three/ 7 KB
2 KB 1033ms
1033ms XHR
application/json 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fakeoff.org/api/theme_three/articles?term_model=article_type&term_field=article_type&term_alias=news&thumb_type=1&skip=0&count=4&sort=popular&exclude=649475174351cd1fbf875b2c%2C64e06f374351cd4e72b203df%2C64e063264351cd4e71b203df%2C64dfc5554351cd0d59899800%2C64d5e5154351cd33ca0e1765%2C64c410894351cd34e39ecfb2
Requested by: Host: fakeoff.org
URL: https://fakeoff.org/assets/plugins.jquery/jquery.js?v=02a26740e3989d4f8e9d892860fcf1f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 7df27ce52ca114968c4a641e2c536f99370cec9595fde391ab8238e77eebef6f

Request headers

Accept: */*
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:09 GMT
Cache-Control: public
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H/1.1 200
OK 64d5e0e34351cd0ac80e1762.jpeg
fakeoff.org/image/resize/600/400/64/d5/ 34 KB
34 KB 136ms
135ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/600/400/64/d5/64d5e0e34351cd0ac80e1762.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 13d39f4d1840cbdc8f7f9be720f0b539b2918421d082fb2ae03edd3aab0b290c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 15:16:18 GMT
Server: nginx
ETag: W/"64dce842-86e5"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 64c40f0c4351cd34e39ecfb0.jpeg
fakeoff.org/image/resize/600/400/64/c4/ 19 KB
19 KB 183ms
183ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/600/400/64/c4/64c40f0c4351cd34e39ecfb0.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 7eacc7612211abde2bfac07e4de0be0e99f61dddc1094731c32f93e3506af282

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 16:05:38 GMT
Server: nginx
ETag: W/"64cd21d2-4da9"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 64a686be4351cd6b13ecde74.jpeg
fakeoff.org/image/resize/300/250/64/a6/ 16 KB
16 KB 85ms
84ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/300/250/64/a6/64a686be4351cd6b13ecde74.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 0524f4d18098c72e69987925cab359da2373b55f2cf2d81386cb8bb206f08059

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:09 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Aug 2023 11:02:36 GMT
Server: nginx
ETag: W/"64ce2c4c-40c6"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 64a4fa784351cd59ee553294.jpg
fakeoff.org/image/resize/300/250/64/a4/ 15 KB
15 KB 136ms
136ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/300/250/64/a4/64a4fa784351cd59ee553294.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 914d58cdb93f6c45ab402785b213ab374f39912eb559e3c8828a3521d91a438c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 07:27:41 GMT
Server: nginx
ETag: W/"64cca86d-3bf8"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 646713274351cd06bd401c9c.jpg
fakeoff.org/image/resize/300/250/64/67/ 12 KB
12 KB 146ms
145ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/300/250/64/67/646713274351cd06bd401c9c.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: c43a41583d248c0a4cedbbe988ddfa9b525d5e55ae7f0787eb04e456f231fdda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Aug 2023 09:03:02 GMT
Server: nginx
ETag: W/"64dde246-3051"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 646c6b0d4351cd536891ece7.jpeg
fakeoff.org/image/resize/300/250/64/6c/ 13 KB
13 KB 235ms
235ms Image
image/jpeg 178.79.189.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fakeoff.org/image/resize/300/250/64/6c/646c6b0d4351cd536891ece7.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.189.67 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 4ad.biz
Software: nginx /
Resource Hash: 0a2802b377b9d2d19d96c6d4a24d20f5f5ff55625d0b9ca1a046b334ff9634ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:09 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jul 2023 10:26:03 GMT
Server: nginx
ETag: W/"64bbaebb-3508"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive

GET
H2 200 json Show response
trc.taboola.com/disqus-fakeoff/trc/3/ Frame 7411 40 KB
12 KB 232ms
222ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-fakeoff/trc/3/json?tim=10%3A03%3A10.658&lti=deflated&data=%7B%22id%22%3A966%2C%22ii%22%3A%22%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692283601546%2C%22vi%22%3A1692522190655%2C%22cv%22%3A%2220230816-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22vpi%22%3A%22%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22e%22%3A%22https%3A%2F%2Ffakeoff.org%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A890%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A890%2C%22dh%22%3A27%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Ffakeoff.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22prebidbidisrequired%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22fakeoff%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Ffakeoff.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22prebidbidisrequired%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22fakeoff%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a00b1b74d5f2ccdfa20c09a4903ce9c3c8df6a72df646586e7236ea20f647e9c

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 170
date: Sun, 20 Aug 2023 09:03:10 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7263
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220025-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1692522191.696677,VS0,VE170
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://fakeoff.org
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/disqus-fakeoff/log/2/ Frame 7411 0
89 B 48ms
48ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-fakeoff/log/2/debug?tim=10%3A03%3A10.657&type=info&msg=%7B%22domain%22%3A%20%22https%3A%2F%2Ffakeoff.org%22%2C%20%22experiment%22%3A%20%22prebidbidisrequired%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22fakeoff%22%2C%20%22variant%22%3A%20%22active%22%7D%20thumbnails-a&llvl=2&id=9399&cv=20230816-2-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47564

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/disqus-fakeoff/log/3/ Frame 7411 0
243 B 48ms
48ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/disqus-fakeoff/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://fakeoff.org
pragma: no-cache
date: Sun, 20 Aug 2023 09:03:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 json Show response
trc.taboola.com/disqus-fakeoff/trc/3/ Frame 8F43 41 KB
13 KB 559ms
558ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-fakeoff/trc/3/json?tim=10%3A03%3A11.121&lti=deflated&data=%7B%22id%22%3A544%2C%22ii%22%3A%22%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692283601546%2C%22vi%22%3A1692522190655%2C%22cv%22%3A%2220230816-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22vpi%22%3A%22%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam%22%2C%22e%22%3A%22https%3A%2F%2Ffakeoff.org%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A890%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A890%2C%22dh%22%3A27%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Ffakeoff.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22prebidbidisrequired%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22fakeoff%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Ffakeoff.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22prebidbidisrequired%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22fakeoff%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c822f41463aafb4234c235549d2cd4aee6c1090368b70c086824d23e001def64

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 506
date: Sun, 20 Aug 2023 09:03:11 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7476
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220025-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1692522191.149832,VS0,VE506
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://fakeoff.org
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.1/ Frame 7411 123 KB
35 KB 55ms
52ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64ccbc4105ea44f9962242c446ed2fa726787b41e6bba78814b42f6110db351b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 349960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35456
x-served-by: cache-fra-etou8220025-FRA
last-modified: Wed, 16 Aug 2023 07:50:00 GMT
server: AmazonS3
x-timer: S1692522191.174870,VS0,VE0
etag: "5d5051e47e2d2014ea6adf96a2843e19"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: c5wiExf7fsM2J76acU79aG3MQNGe7IDuNuFgedUUAkOpcS4rCdIzdg==
x-cache-hits: 24010

GET
H2 200 userx.20230816-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 7411 17 KB
6 KB 52ms
52ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230816-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7edf23266109a291d04fb6729c9fe1b7eee7dc0dda62b44f11d2be6de79d002

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: E5dGmKlF7MAdreZYHsHg0GFXLkmk.Fdo
content-encoding: gzip
via: 1.1 varnish
date: Sun, 20 Aug 2023 09:03:11 GMT
x-amz-request-id: BH435CXESQ32Q8C6
age: 2535
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: 8b+bBG/qTggx23MqTBkRG5PKUNuaSRFOR2RWnJmh+z1/Ys5oX2kuC9DH7Ymuea+e4KXmQ8hLbrc=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Sun, 20 Aug 2023 08:20:56 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692522191.172954,VS0,VE0
etag: "da682b5af6eefaa9198a4b57e340288c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 739

GET
H2 204 debug
am-trc-events.taboola.com/disqus-fakeoff/log/2/ Frame 7411 0
89 B 49ms
48ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-fakeoff/log/2/debug?tim=10%3A03%3A11.132&type=info&msg=Start%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Ffakeoff.org%22%2C%20%22experiment%22%3A%20%22prebidbidisrequired%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22fakeoff%22%2C%20%22variant%22%3A%20%22active%22%7D&llvl=2&id=2577&cv=20230816-2-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47356

GET
H2 204 abtests
am-trc-events.taboola.com/disqus-fakeoff/log/3/ Frame 7411 0
230 B 49ms
48ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-fakeoff/log/3/abtests?route=AM:AM:V&tvi2=-2&lti=deflated&ri=f34a88394da3bb94fdf518550444c351&sd=v2_b221577750fbf1f714d32c32dc5fd3fd_0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e_1692522190_1692522190_CIi3jgYQ36FUGL-uvJGhMSABKAEwODib4wlAgooQSMmG2ANQ____________AVgAYABo8YOR1vSR_bgFcAA&ui=0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e&pi=/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&wi=1692610200310503927&pt=text&vi=1692522190655&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692522191135%7D&tim=10%3A03%3A11.135&id=7422&llvl=2&cv=20230816-2-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 20 Aug 2023 09:03:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/disqus-fakeoff/log/2/ Frame 7411 0
89 B 48ms
47ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-fakeoff/log/2/debug?tim=10%3A03%3A11.143&type=info&msg=Finish%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Ffakeoff.org%22%2C%20%22experiment%22%3A%20%22prebidbidisrequired%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22fakeoff%22%2C%20%22variant%22%3A%20%22active%22%7D&llvl=2&id=2671&cv=20230816-2-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47356

GET
H2 204 debug
am-trc-events.taboola.com/disqus-fakeoff/log/2/ Frame 7411 0
89 B 48ms
47ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-fakeoff/log/2/debug?tim=10%3A03%3A11.155&type=info&msg=Finish%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Ffakeoff.org%22%2C%20%22experiment%22%3A%20%22prebidbidisrequired%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22fakeoff%22%2C%20%22variant%22%3A%20%22active%22%7D&llvl=2&id=2752&cv=20230816-2-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47356

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/disqus-fakeoff/log/3/ Frame 7411 0
243 B 48ms
48ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/disqus-fakeoff/log/3/bulk-metrics?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://fakeoff.org
pragma: no-cache
date: Sun, 20 Aug 2023 09:03:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 d1cad6b68d344f2b2ddcb895717bcbd2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7411 27 KB
27 KB 59ms
58ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1cad6b68d344f2b2ddcb895717bcbd2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a05b2d84ad5d3722ed4e3e426a4a9dbf4fbf98904251ba6fa6185e43cf8f740a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1cad6b68d344f2b2ddcb895717bcbd2.jpg
age: 1097341
edge-cache-tag: 477528214285648009619023160958472798300,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 477528214285648009619023160958472798300,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 156
req-referer: https://art-news.space/
content-length: 27296
x-request-id: 5d0c3322a1a8c6fafc3b8909c6d859f4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100023-IAD, cache-iad-kjyo7100069-IAD, cache-lga21954-LGA, cache-iad-kcgs7200132-IAD, cache-fra-etou8220025-FRA
last-modified: Fri, 14 Jul 2023 22:23:57 GMT
server: nginx
x-timer: S1692522191.187213,VS0,VE3
etag: "9deb6f2a0e9c042579a574efb10f3745"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 11d39e14ec4e0e97c11a1d205e962a42.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7411 36 KB
36 KB 56ms
55ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11d39e14ec4e0e97c11a1d205e962a42.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ae9bfb73f810deef70ec5bccee09c6018869a3e0d9f993f97b4a93156f9ed19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11d39e14ec4e0e97c11a1d205e962a42.jpg
age: 2993217
edge-cache-tag: 376275636671873506984966869236665535287,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 376275636671873506984966869236665535287,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 895
req-referer: https://www.49erswebzone.com/
content-length: 36412
x-request-id: e5dc14f0d5898c08f7a547594537db9e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200072-IAD, cache-iad-kcgs7200143-IAD, cache-chi-klot8100029-CHI, cache-iad-kcgs7200053-IAD, cache-fra-etou8220025-FRA
last-modified: Mon, 10 Jul 2023 00:31:52 GMT
server: nginx
x-timer: S1692522191.187253,VS0,VE2
etag: "30f7ea58d423f691f26e479dd93a713a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 137, 1

GET
H2 200 881a403e-4bda-4d9c-94ea-0a45762f8204__Hr600ZsN.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ Frame 7411 13 KB
14 KB 55ms
54ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/881a403e-4bda-4d9c-94ea-0a45762f8204__Hr600ZsN.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d560219c98d72ccdc78653e476c2451ab000f59423c1b092f2779c9f0646cdb8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/881a403e-4bda-4d9c-94ea-0a45762f8204__Hr600ZsN.jpg
age: 2318889
edge-cache-tag: 627299696012897742698541150110373318645,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 627299696012897742698541150110373318645,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 586
expiration: expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://travelseeker.de/
content-length: 13580
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000052-IAD, cache-iad-kiad7000091-IAD, cache-sna10731-LGB, cache-iad-kiad7000095-IAD, cache-fra-etou8220025-FRA
last-modified: Fri, 14 Jul 2023 16:53:11 GMT
server: nginx
x-timer: S1692522191.187219,VS0,VE1
etag: "85e102572e8c59794e362168e2acdaad"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 0, 1

GET
H2 200 abec9cd012ed7b5b7c7c88571457b204.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7411 19 KB
20 KB 61ms
61ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 779944052ce3b89662a494eab2c1d7d773f587751bbee28ae09d1247125a6ce2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 7
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
age: 1468819
edge-cache-tag: 295850115356542585480646545745049189932,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 295850115356542585480646545745049189932,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 115
req-referer: https://wutils.com/
content-length: 19740
x-request-id: 0d6e837f0f84596a576410247c4d7549
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100175-IAD, cache-iad-kjyo7100062-IAD, cache-lga21927-LGA, cache-iad-kjyo7100033-IAD, cache-fra-etou8220025-FRA
last-modified: Tue, 11 Jul 2023 19:41:25 GMT
server: nginx
x-timer: S1692522191.187017,VS0,VE7
etag: "3186b0dd33d5be8e5e84fc792730c727"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 15, 1

GET 1139764032__WacLkUaG.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/ Frame 7411 0
0

GET
H2 200 thumb_ab8c72deb741253459216091a66306d3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ul.pubpowerplatform.io/assets/img/ Frame 7411 8 KB
8 KB 55ms
54ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ul.pubpowerplatform.io/assets/img/thumb_ab8c72deb741253459216091a66306d3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d75f1bd1489445db4a1b2d36e1090f312d3e352a14952c0f7e1a345941ef36bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ul.pubpowerplatform.io/assets/img/thumb_ab8c72deb741253459216091a66306d3.png
age: 2071213
edge-cache-tag: 424711412776984439759600105515532578676,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 424711412776984439759600105515532578676,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 121
expiration: expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://rockcontent.com/
content-length: 7780
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000044-IAD, cache-iad-kiad7000043-IAD, cache-sna10736-LGB, cache-iad-kcgs7200171-IAD, cache-fra-etou8220025-FRA
last-modified: Tue, 11 Jul 2023 15:03:06 GMT
server: nginx
x-timer: S1692522191.223902,VS0,VE3
etag: "553e5b70f74f7babd732b9cb0bf983a9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 5, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1cad6b68d344f2b2ddcb895717bcbd2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a05b2d84ad5d3722ed4e3e426a4a9dbf4fbf98904251ba6fa6185e43cf8f740a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1cad6b68d344f2b2ddcb895717bcbd2.jpg
age: 1097341
edge-cache-tag: 477528214285648009619023160958472798300,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 477528214285648009619023160958472798300,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 156
req-referer: https://art-news.space/
content-length: 27296
x-request-id: 5d0c3322a1a8c6fafc3b8909c6d859f4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100023-IAD, cache-iad-kjyo7100069-IAD, cache-lga21954-LGA, cache-iad-kcgs7200132-IAD, cache-fra-etou8220025-FRA
last-modified: Fri, 14 Jul 2023 22:23:57 GMT
server: nginx
x-timer: S1692522191.251996,VS0,VE0
etag: "9deb6f2a0e9c042579a574efb10f3745"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11d39e14ec4e0e97c11a1d205e962a42.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ae9bfb73f810deef70ec5bccee09c6018869a3e0d9f993f97b4a93156f9ed19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11d39e14ec4e0e97c11a1d205e962a42.jpg
age: 2993217
edge-cache-tag: 376275636671873506984966869236665535287,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 376275636671873506984966869236665535287,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 895
req-referer: https://www.49erswebzone.com/
content-length: 36412
x-request-id: e5dc14f0d5898c08f7a547594537db9e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200072-IAD, cache-iad-kcgs7200143-IAD, cache-chi-klot8100029-CHI, cache-iad-kcgs7200053-IAD, cache-fra-etou8220025-FRA
last-modified: Mon, 10 Jul 2023 00:31:52 GMT
server: nginx
x-timer: S1692522191.252206,VS0,VE0
etag: "30f7ea58d423f691f26e479dd93a713a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 137, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/881a403e-4bda-4d9c-94ea-0a45762f8204__Hr600ZsN.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d560219c98d72ccdc78653e476c2451ab000f59423c1b092f2779c9f0646cdb8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/881a403e-4bda-4d9c-94ea-0a45762f8204__Hr600ZsN.jpg
age: 2318889
edge-cache-tag: 627299696012897742698541150110373318645,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 627299696012897742698541150110373318645,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 586
expiration: expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://travelseeker.de/
content-length: 13580
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000052-IAD, cache-iad-kiad7000091-IAD, cache-sna10731-LGB, cache-iad-kiad7000095-IAD, cache-fra-etou8220025-FRA
last-modified: Fri, 14 Jul 2023 16:53:11 GMT
server: nginx
x-timer: S1692522191.252222,VS0,VE0
etag: "85e102572e8c59794e362168e2acdaad"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 779944052ce3b89662a494eab2c1d7d773f587751bbee28ae09d1247125a6ce2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
age: 1468819
edge-cache-tag: 295850115356542585480646545745049189932,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 295850115356542585480646545745049189932,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 115
req-referer: https://wutils.com/
content-length: 19740
x-request-id: 0d6e837f0f84596a576410247c4d7549
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100175-IAD, cache-iad-kjyo7100062-IAD, cache-lga21927-LGA, cache-iad-kjyo7100033-IAD, cache-fra-etou8220025-FRA
last-modified: Tue, 11 Jul 2023 19:41:25 GMT
server: nginx
x-timer: S1692522191.252190,VS0,VE0
etag: "3186b0dd33d5be8e5e84fc792730c727"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 15, 2

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 148ms
148ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=29pcvgr38faa08&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=fakeoff&zone=thread&version=cd63a892ad6cfe24a51d9c0f999a4afa&page_url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=3456147

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B4E4 577 B
476 B 63ms
63ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&cmcv=&pix=undefined&cb=1692522191471&uv=3321&tms=1692522191471&abt=nonrv_vA!t45!testmsn_vB!ufm&ru=https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ad1d5558-ecc7-414e-8c60-07be3dbfe8a4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edc531a5cf3981498a7289095a689ce175adc4f64a19b00f57cf5f16514754d1

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sun, 20 Aug 2023 09:03:11 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1692522192.509342,VS0,VE11

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 0E84 439 B
524 B 50ms
50ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: fd0659e55f63f76401bac85c0e704032736e5debd8d5e368a5487ab59d3252ea

Request headers

Referer: https://fakeoff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 20 Aug 2023 09:03:11 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 7411 1 KB
737 B 163ms
143ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692522191476&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1541&pt=584852210&tz=60&viewable=true&ddast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3039385&dpubid=224845&abtst=nonrv_vA!t45!testmsn_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Ffakeoff.org&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c824136b36d565b93694a69bad2bd35daddea2d072d87348ca10bcffec5b34f

Request headers

Referer: https://fakeoff.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1460
x-cache: MISS
x-served-by: cache-fra-etou8220025-FRA
pragma: no-cache
server: nginx
x-timer: S1692522192.523737,VS0,VE91
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fakeoff.org
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame 7411 0
43 B 49ms
48ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&cmcv=&pix=31589837&cb=1692522191471&uv=3321&tms=1692522191471&abt=nonrv_vA!t45!testmsn_vB!ufm&ru=https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1692522184671.6!ts:1692522191471&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0E84 70 B
264 B 179ms
54ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Aug 2023 09:03:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0E84 43 B
426 B 169ms
57ms Image
image/gif 2a05:d018:d29:3605:f821:c088:dfda:b5f7

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:f821:c088:dfda:b5f7 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 0E84 0
125 B 206ms
60ms Image
text/plain 3.71.149.231

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B4E4 70 B
265 B 167ms
53ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&cmcv=&pix=undefined&cb=1692522191471&uv=3321&tms=1692522191471&abt=nonrv_vA!t45!testmsn_vB!ufm&ru=https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ad1d5558-ecc7-414e-8c60-07be3dbfe8a4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Aug 2023 09:03:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B4E4 43 B
425 B 160ms
60ms Image
image/gif 2a05:d018:d29:3605:f821:c088:dfda:b5f7

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&cmcv=&pix=undefined&cb=1692522191471&uv=3321&tms=1692522191471&abt=nonrv_vA!t45!testmsn_vB!ufm&ru=https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ad1d5558-ecc7-414e-8c60-07be3dbfe8a4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:f821:c088:dfda:b5f7 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AD90 281 B
554 B 178ms
57ms Document
text/html 95.101.149.233

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8jY0CLAbUbpZ0Gnfp7hOo3SzpNO7S3S8AAABgYED8AEmYHCPXajVcqzwe31q0GK3cwo1tsBbsJi7PyGJzGRemISAJk2PkWq2Ga5XH41uLFqOVW7ixDdaC3cTlGVlsLuPCtAZeaDodPte9Xubwuvw2m11v-flFL4_R7jf7fc6_1vI63F3Oz9HpfGstT8Pp7xZc_i6v6a13uNyyl93vtrtMv7_l65Y-DGeH3Wn52x52u_P51nwdbjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDgrsuL7fFZfn5AwAAAAAIAAAAABIAA25NJQBcwDJP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAABdDlJYpHUgp1VOIFAAXYQQAAABA6liQ5cgknaBiUeX__7_fCsAVAIAARYmXC8IsuoMSb2EAAAAExNjanc6eHl6bjVmgh8XvNzvsGr_bZf7_________zfyf-UcjVMTcnCYo5shVzS8gAMCaX0AAADbqBgDgTQCckEOBptPhc93rZQ6vy2-z2fWWn190CFoxGKxOQMwOAAAAwJ3___9_PLZ2p7Onh9dmekDEMlmsdrvdajCz2Bwz32I08kw2nsnI45qZPDOT9xTDABnAW-h2-JmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAMrh8Pjmw3XytFwuRbNRhu3wuMxrjUu23A4mVgsw91mLXp9TBeTxbUxrbxIMGBsL5KnRTqReUYL43CzHI0cnonFOZqZbK7FcLUajEajjWe1mIglmpNFOpFd9hXLZLHa7Xarwcxic8x8i9HIM9l4JiOPa2byzEz-wsrh8Phmw7VyNFyuRbPRxq3weIxrjcs2HE4mFstwt1mLXh_TxWRxbUwrf2O2nKwmk8VysG_MlpPVZLJYDvYdJtMz9TkbndmM1SOzVbcrj-jmNChcBov3JzEtpt3ZwfP7HZ0220dZ0Bn9fr_f7_f7_X6_36D1HMwGhW9c9imN2afSr_hsHAeDIpYILtKJyOl5vD5vmcPr8ttsFrFEabpIJ3rRy2O0-81-n_OvtbwOd5fzc3Q631rL03D6uwWXv8treusdLrfsZfe77S7T72_5uqUPw9lhd1r-tofd7ny-NV-H2yKWCE4X6UT0Mp4u6j9qwMlcsVzOFZvBXDRaJQAAAAAAAAAASzDNdBMAAAAAJwOZjIaj1TodzGCz3AxXywVQAfGtCxgEAAAAAACgWGOPOZDT83h93jKH1-W32awM4MFpkdlmnxHEWq2WNQAAAAFsAAAAAdx0401AmBX3____Pw4AACCAHHoAAADi_wBUiLVarW431mq1AhbMajHcTeD___8_!&cmcv=&pix=undefined&cb=1692522191471&uv=3321&tms=1692522191471&abt=nonrv_vA!t45!testmsn_vB!ufm&ru=https://fakeoff.org/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ad1d5558-ecc7-414e-8c60-07be3dbfe8a4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Aug 2023 09:03:11 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/33_2_1/infra/ Frame 7411 785 KB
134 KB 159ms
52ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3-br /
Resource Hash

Request headers

Referer: https://fakeoff.org/
Origin: https://fakeoff.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime: 1692189091
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 5955M656ZSSY4PM4
age: 332932
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1692189092
x-amz-meta-mode: 33188
content-length: 136258
x-amz-id-2: P4SCaBOLVzwcoMoPFcmJve3kMUUxkjgjQOY6GzvPiwUhErklTwfOaifGyjZ2y5lovNQBghgekwI=
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Wed, 16 Aug 2023 12:31:33 GMT
server: AmazonS3-br
x-timer: S1692522192.777907,VS0,VE0
etag: "06a2f27e213aef47b86f2897d332942c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 97000

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_1/assets/css/ Frame 7411 60 KB
8 KB 52ms
52ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_2_1/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime: 1692189153
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 59599YXTB0DADYP2
age: 332932
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1692189153
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: ZtbazoCfDuEZgQgLAeBPJRC85bkHnoEZkIxiIHmn8HE+h7lx3uRNayR77PXt4kKFCfZ5UWPTyPY=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Wed, 16 Aug 2023 12:32:34 GMT
server: AmazonS3-br
x-timer: S1692522192.671530,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 272791

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/142357.832.0/ Frame 8F43 123 KB
35 KB 52ms
50ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/142357.832.0/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 844297ae24a6b5507d83a5c6d791000ba4ac28aa46c122eaa199fac8940f2e18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 238295
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35461
x-served-by: cache-fra-etou8220025-FRA
last-modified: Thu, 17 Aug 2023 14:30:19 GMT
server: AmazonS3
x-timer: S1692522192.723349,VS0,VE0
etag: "5ff7a58a166f01b804c4717283c527f1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: x0MpYYwsAKjNzfYurk3fkH9e5gaET4g0RImkJRL08NAo0_Ax3vY7AA==
x-cache-hits: 48

GET
H2 200 userx.20230816-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 8F43 17 KB
6 KB 56ms
54ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230816-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7edf23266109a291d04fb6729c9fe1b7eee7dc0dda62b44f11d2be6de79d002

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: E5dGmKlF7MAdreZYHsHg0GFXLkmk.Fdo
content-encoding: gzip
via: 1.1 varnish
date: Sun, 20 Aug 2023 09:03:11 GMT
x-amz-request-id: BH435CXESQ32Q8C6
age: 2535
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: 8b+bBG/qTggx23MqTBkRG5PKUNuaSRFOR2RWnJmh+z1/Ys5oX2kuC9DH7Ymuea+e4KXmQ8hLbrc=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Sun, 20 Aug 2023 08:20:56 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692522192.724851,VS0,VE0
etag: "da682b5af6eefaa9198a4b57e340288c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 740

GET
H2 204 fix-user-id
trc.taboola.com/disqus-fakeoff/log/3/ Frame 8F43 0
307 B 68ms
68ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-fakeoff/log/3/fix-user-id?lti=deflated&ri=5927b34b3126ba2a34804b7f224fa021&sd=v2_3cb76dbfe90311f7bcce4c0ac2d94d54_4baf6645-3576-4500-9914-d4a6fcd673cc-tuctbdb5c4f_1692522191_1692522191_CIi3jgYQ36FUGL-uvJGhMSABKAEwODib4wlAgooQSMmG2ANQ____________AVgAYABo8YOR1vSR_bgFcAA&ui=4baf6645-3576-4500-9914-d4a6fcd673cc-tuctbdb5c4f&pi=/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&wi=1692610200310503927&pt=text&vi=1692522190655&time=1692522191685&fromUser=0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e&toUser=4baf6645-3576-4500-9914-d4a6fcd673cc-tuctbdb5c4f&fromSD=v2_b221577750fbf1f714d32c32dc5fd3fd_0eaac768-9489-464c-acc8-ce6882bb2873-tuctbdb5c4e_1692522190_1692522190_CIi3jgYQ36FUGL-uvJGhMSABKAEwODib4wlAgooQSMmG2ANQ____________AVgAYABo8YOR1vSR_bgFcAA&toSD=v2_3cb76dbfe90311f7bcce4c0ac2d94d54_4baf6645-3576-4500-9914-d4a6fcd673cc-tuctbdb5c4f_1692522191_1692522191_CIi3jgYQ36FUGL-uvJGhMSABKAEwODib4wlAgooQSMmG2ANQ____________AVgAYABo8YOR1vSR_bgFcAA&tim=10%3A03%3A11.685&id=8852&llvl=2&cv=20230816-2-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7523
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220025-FRA
pragma: no-cache
server: nginx
x-timer: S1692522192.724823,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
am-trc-events.taboola.com/disqus-fakeoff/log/3/ Frame 8F43 0
230 B 48ms
48ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-fakeoff/log/3/abtests?route=AM:AM:V&tvi2=-2&lti=deflated&ri=5927b34b3126ba2a34804b7f224fa021&sd=v2_3cb76dbfe90311f7bcce4c0ac2d94d54_4baf6645-3576-4500-9914-d4a6fcd673cc-tuctbdb5c4f_1692522191_1692522191_CIi3jgYQ36FUGL-uvJGhMSABKAEwODib4wlAgooQSMmG2ANQ____________AVgAYABo8YOR1vSR_bgFcAA&ui=4baf6645-3576-4500-9914-d4a6fcd673cc-tuctbdb5c4f&pi=/technology/krupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&wi=1692610200310503927&pt=text&vi=1692522190655&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692522191688%7D&tim=10%3A03%3A11.688&id=4098&llvl=2&cv=20230816-2-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 20 Aug 2023 09:03:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 d2ccd94a-030c-47e7-bb81-ba830f86c09a__V38bcSa1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ Frame 8F43 15 KB
16 KB 60ms
59ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d2ccd94a-030c-47e7-bb81-ba830f86c09a__V38bcSa1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c1caa5854b229c2e531ef5c9c92b5d65e9aae7d25a0419fb1dce29d4d7d33315

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d2ccd94a-030c-47e7-bb81-ba830f86c09a__V38bcSa1.jpg
age: 2105183
edge-cache-tag: 514094232054226937905219340252032960808,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 514094232054226937905219340252032960808,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 362
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bleepingcomputer.com/
content-length: 15242
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000073-IAD, cache-iad-kjyo7100056-IAD, cache-sna10731-LGB, cache-iad-kiad7000037-IAD, cache-fra-etou8220025-FRA
last-modified: Mon, 17 Jul 2023 00:41:47 GMT
server: nginx
x-timer: S1692522192.730854,VS0,VE1
etag: "6a244a0be7309b38132bc3890a524212"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 6, 1

GET
H2 200 15d9fa5d0bf5ec2077383e7b24dd75dc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8F43 45 KB
46 KB 53ms
52ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15d9fa5d0bf5ec2077383e7b24dd75dc.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b7929c9ad2f891a7daefd6a13da7198cf4244c04283a69974b9260916500d11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15d9fa5d0bf5ec2077383e7b24dd75dc.png
age: 3349639
edge-cache-tag: 406602085527147942603416050484279212725,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 406602085527147942603416050484279212725,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 144
expiration: expiry-date="Sun, 23 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sohu.com/
content-length: 45938
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kiad7000094-IAD, cache-lga21959-LGA, cache-iad-kjyo7100168-IAD, cache-fra-etou8220025-FRA
last-modified: Thu, 22 Jun 2023 11:54:14 GMT
server: nginx
x-timer: S1692522192.731197,VS0,VE1
etag: "f58973bc37dd84985598df4c1f400108"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 28, 1

GET
H2 200 dbed33831df25db9fdbb8d0a4256fdb9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8F43 12 KB
13 KB 59ms
59ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dbed33831df25db9fdbb8d0a4256fdb9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce9a6262af5ee15f2aa10e53851715c81064f46210aa1cde24e30c0a8c5f5bc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dbed33831df25db9fdbb8d0a4256fdb9.jpg
age: 1777962
edge-cache-tag: 426362116261248554128180984346383125424,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 426362116261248554128180984346383125424,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 168
expiration: expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://willibehappy.com/
content-length: 12114
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000075-IAD, cache-iad-kcgs7200078-IAD, cache-lax10662-LGB, cache-iad-kjyo7100122-IAD, cache-fra-etou8220025-FRA
last-modified: Fri, 14 Jul 2023 10:54:26 GMT
server: nginx
x-timer: S1692522192.731177,VS0,VE1
etag: "711d9b4cee9a317186d18c4a3a164822"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 49, 1

GET
H2 200 143691057__rwahqYT4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IMS/ Frame 8F43 6 KB
7 KB 54ms
54ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IMS/143691057__rwahqYT4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 69c5e6862eaa444578703e278a384cede0ca6d47abf5397b1741e67bc533d2b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IMS/143691057__rwahqYT4.jpg
age: 2026264
edge-cache-tag: 513735532883613864475513547182623358385,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 513735532883613864475513547182623358385,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 99
req-referer: https://www.femmezine.fr/beaute/chirurgie-esthetique/acide_hyaluronique_tout_savoir.html
content-length: 6132
x-request-id: 651210ced7d247293024d0f11e93cf04
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100122-IAD, cache-iad-kjyo7100053-IAD, cache-lax10628-LGB, cache-iad-kiad7000100-IAD, cache-fra-etou8220025-FRA
last-modified: Thu, 27 Jul 2023 13:48:06 GMT
server: nginx
x-timer: S1692522192.731294,VS0,VE1
etag: "e5728af924cb57656989417f6e4d778f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 3, 1

GET
H2 200 5e4dbb2d24b79188af8f2d7c279942d6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8F43 7 KB
7 KB 63ms
62ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e4dbb2d24b79188af8f2d7c279942d6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fcaec05e2975f8dc999fd62f1d224b7f5b82a51ba33b651847848535381190ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e4dbb2d24b79188af8f2d7c279942d6.jpg
age: 6293721
edge-cache-tag: 502025294021880352572037542069404886008,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 502025294021880352572037542069404886008,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 157
req-referer: https://www.windowssiam.com/
content-length: 6694
x-request-id: c37d1ec4c518bd66f05fa5ac480e6d57
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000105-IAD, cache-iad-kcgs7200066-IAD, cache-sna10721-LGB, cache-iad-kcgs7200068-IAD, cache-fra-etou8220025-FRA
last-modified: Wed, 17 May 2023 11:09:49 GMT
server: nginx
x-timer: S1692522192.733237,VS0,VE1
etag: "27744e3793818dea1dc2bfaee95e999d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 1

GET
H2 200 1733edbc9ce250cb4b365f65b1500a46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8F43 8 KB
9 KB 57ms
57ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1733edbc9ce250cb4b365f65b1500a46.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 32def5f1169a5d29f192177c3dc526b244e5f17443a8ebfaee2502dbd1a04f39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1733edbc9ce250cb4b365f65b1500a46.jpg
age: 1464302
edge-cache-tag: 446118332469563501272136002959020345396,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 446118332469563501272136002959020345396,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 366
req-referer: https://gzipwtf.com/
content-length: 8260
x-request-id: d58c6a52b0bb49d47dee8d23b34a4c89
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kcgs7200039-IAD, cache-chi-kigq8000105-CHI, cache-iad-kiad7000095-IAD, cache-fra-etou8220025-FRA
last-modified: Tue, 01 Aug 2023 13:55:43 GMT
server: nginx
x-timer: S1692522192.789104,VS0,VE1
etag: "c70577331e2fa3166969b5a2f7aed697"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 102, 1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AD90 34 KB
10 KB 65ms
65ms Script
text/html 95.101.149.233

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e2ffa0996ab42fd93af0ee29ef3019acba41ccd90b469164e07d8b1dc5b2b09b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 09:03:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Aug 2023 15:40:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23857
Connection: keep-alive
Content-Length: 10116
Expires: Sun, 20 Aug 2023 15:40:48 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d2ccd94a-030c-47e7-bb81-ba830f86c09a__V38bcSa1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c1caa5854b229c2e531ef5c9c92b5d65e9aae7d25a0419fb1dce29d4d7d33315

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d2ccd94a-030c-47e7-bb81-ba830f86c09a__V38bcSa1.jpg
age: 2105183
edge-cache-tag: 514094232054226937905219340252032960808,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 514094232054226937905219340252032960808,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 362
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bleepingcomputer.com/
content-length: 15242
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000073-IAD, cache-iad-kjyo7100056-IAD, cache-sna10731-LGB, cache-iad-kiad7000037-IAD, cache-fra-etou8220025-FRA
last-modified: Mon, 17 Jul 2023 00:41:47 GMT
server: nginx
x-timer: S1692522192.807193,VS0,VE0
etag: "6a244a0be7309b38132bc3890a524212"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 6, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15d9fa5d0bf5ec2077383e7b24dd75dc.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b7929c9ad2f891a7daefd6a13da7198cf4244c04283a69974b9260916500d11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15d9fa5d0bf5ec2077383e7b24dd75dc.png
age: 3349639
edge-cache-tag: 406602085527147942603416050484279212725,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 406602085527147942603416050484279212725,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 144
expiration: expiry-date="Sun, 23 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sohu.com/
content-length: 45938
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kiad7000094-IAD, cache-lga21959-LGA, cache-iad-kjyo7100168-IAD, cache-fra-etou8220025-FRA
last-modified: Thu, 22 Jun 2023 11:54:14 GMT
server: nginx
x-timer: S1692522192.809687,VS0,VE0
etag: "f58973bc37dd84985598df4c1f400108"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 28, 2

GET
H2 200 dbed33831df25db9fdbb8d0a4256fdb9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8F43 12 KB
12 KB 60ms
59ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dbed33831df25db9fdbb8d0a4256fdb9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce9a6262af5ee15f2aa10e53851715c81064f46210aa1cde24e30c0a8c5f5bc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dbed33831df25db9fdbb8d0a4256fdb9.jpg
age: 1777962
edge-cache-tag: 426362116261248554128180984346383125424,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 426362116261248554128180984346383125424,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 168
expiration: expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://willibehappy.com/
content-length: 12114
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000075-IAD, cache-iad-kcgs7200078-IAD, cache-lax10662-LGB, cache-iad-kjyo7100122-IAD, cache-fra-etou8220025-FRA
last-modified: Fri, 14 Jul 2023 10:54:26 GMT
server: nginx
x-timer: S1692522192.809725,VS0,VE0
etag: "711d9b4cee9a317186d18c4a3a164822"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 49, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IMS/143691057__rwahqYT4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 69c5e6862eaa444578703e278a384cede0ca6d47abf5397b1741e67bc533d2b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IMS/143691057__rwahqYT4.jpg
age: 2026264
edge-cache-tag: 513735532883613864475513547182623358385,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 513735532883613864475513547182623358385,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 99
req-referer: https://www.femmezine.fr/beaute/chirurgie-esthetique/acide_hyaluronique_tout_savoir.html
content-length: 6132
x-request-id: 651210ced7d247293024d0f11e93cf04
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100122-IAD, cache-iad-kjyo7100053-IAD, cache-lax10628-LGB, cache-iad-kiad7000100-IAD, cache-fra-etou8220025-FRA
last-modified: Thu, 27 Jul 2023 13:48:06 GMT
server: nginx
x-timer: S1692522192.809769,VS0,VE0
etag: "e5728af924cb57656989417f6e4d778f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e4dbb2d24b79188af8f2d7c279942d6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fcaec05e2975f8dc999fd62f1d224b7f5b82a51ba33b651847848535381190ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fakeoff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 20 Aug 2023 09:03:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e4dbb2d24b79188af8f2d7c279942d6.jpg
age: 6293721
edge-cache-tag: 502025294021880352572037542069404886008,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 502025294021880352572037542069404886008,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 157
req-referer: https://www.windowssiam.com/
content-length: 6694
x-request-id: c37d1ec4c518bd66f05fa5ac480e6d57
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000105-IAD, cache-iad-kcgs7200066-IAD, cache-sna10721-LGB, cache-iad-kcgs7200068-IAD, cache-fra-etou8220025-FRA
last-modified: Wed, 17 May 2023 11:09:49 GMT
server: nginx
x-timer: S1692522192.846838,VS0,VE0
etag: "27744e3793818dea1dc2bfaee95e999d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 2

GET khaos.jpg
token.rubiconproject.com/ Frame AD90 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/1139764032__WacLkUaG.jpg

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fakeoff.org/	1970-01-20 23:44:42	Name: _ga Value: GA1.2.1290481572.1692522185
.fakeoff.org/	1970-01-20 14:10:08	Name: _gid Value: GA1.2.120456035.1692522185
.fakeoff.org/	1970-01-20 14:08:42	Name: _gat Value: 1
.fakeoff.org/	1970-01-20 23:30:18	Name: __gads Value: ID=7c96a6c542daa9f1-22973b0b56de0002:T=1692522184:RT=1692522184:S=ALNI_Ma8ZXuiC004SqsReefb0sfzZGxDNQ
.fakeoff.org/	1970-01-20 23:30:18	Name: __gpi Value: UID=00000c6488a25b88:T=1692522184:RT=1692522184:S=ALNI_MapHPURkVg0HlOA1lVrZOYl30lIVg
.fakeoff.org/	1970-01-20 23:44:42	Name: _ga_74NFLJBQ6S Value: GS1.2.1692522185.1.0.1692522185.0.0.0
.mytheresa.com/	1970-01-20 22:54:18	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay%22%7C
.mytheresa.com/	1969-12-31 23:59:59	Name: TC_CHECK_COOKIES_SUPPORT Value: 1
.mix-phoenix.commander1.com/	1970-01-20 22:54:18	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay%22%7C
.commander1.com/	1970-01-20 22:54:18	Name: TCID Value: 202308201103056700847817
.doubleclick.net/	1970-01-20 23:30:18	Name: IDE Value: AHWqTUnuj2jT1KUqG5eomeydGOrv_k1DSlaHWdOOOcDHrRR4u4weod1sciGCwct8B28
.mytheresa.com/	1970-01-20 22:54:18	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPSLOLLKRPJJJZZZpc_q
.mix-phoenix.commander1.com/	1970-01-20 22:54:18	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPSLOLLKRPJJJZZZpc_q
.mytheresa.com/	1970-01-20 22:54:18	Name: CAID Value: 202308201103056700847817
.googleadservices.com/	1970-01-20 16:18:18	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:08:45	Name: DSID Value: NO_DATA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://fakeoff.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://fakeoff.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093309234994562&output=html&h=280&slotname=5416012684&adk=864902465&adf=1223954278&pi=t.ma~as.5416012684&w=1140&fwrn=4&fwrnh=100&lmt=1692518584&rafmt=1&format=1140x280&url=https%3A%2F%2Ffakeoff.org%2Ftechnology%2Fkrupneyshiy-kripto-proekt-oae-venomnetwork-zaplanirovannyy-skam&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692522184581&bpp=1&bdt=772&idt=256&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C890x280&correlator=3249740934375&frm=20&pv=1&ga_vid=1290481572.1692522185&ga_sid=1692522185&ga_hid=89771677&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076839%2C31077017%2C31077088%2C31077090%2C31077148%2C42531705%2C31077198%2C44799580&oid=2&pvsid=4139042205702122&tmod=19340258&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cgnu32ju4S&p=https%3A//fakeoff.org&dtd=259 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-2093309234994562&fa=1&ifi=5&uci=a!5&btvi=3&xpc=t40iX05Qeh&p=https%3A//fakeoff.org Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
c.disquscdn.com
cat.nl3.eu.criteo.com
cdn.taboola.com
cdn.viglink.com
cdnjs.cloudflare.com
cs.mytheresa.com
csm.eu.criteo.net
disqus.com
eus.rubiconproject.com
fakeoff.disqus.com
fakeoff.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
images.taboola.com
imprammp.taboola.com
links.services.disqus.com
match.adsrvr.org
mix-phoenix.commander1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
referrer.disqus.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s7.addthis.com
static.criteo.net
stats.g.doubleclick.net
tempest.services.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
images.taboola.com
token.rubiconproject.com
141.226.228.48
142.250.185.130
143.204.215.42
151.101.1.44
151.101.128.134
151.101.193.44
178.250.1.6
178.79.189.67
199.232.192.134
199.232.192.64
199.232.196.134
2001:4860:4802:34::36
23.206.208.114
2600:9000:2057:3800:6:8656:f5c0:93a1
2606:4700::6811:180e
2a00:1450:4001:801::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c0b::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:d::11
2a02:2638:d::c
2a05:d018:d29:3605:f821:c088:dfda:b5f7
3.71.149.231
35.181.77.138
52.223.40.198
95.101.149.233
016107894ecac5c2c28638b1cacee90932482e70a6460aba420127b890c0ebfa
0524f4d18098c72e69987925cab359da2373b55f2cf2d81386cb8bb206f08059
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09bb641782bf84ccdb33a4ef092f25747cb29ea3035264ef235c8ffa2500c04e
0a2802b377b9d2d19d96c6d4a24d20f5f5ff55625d0b9ca1a046b334ff9634ed
0aa39660d34a955ff754aa0b19433c2c83892c391d78ac735b55152e91dd531c
0de3af892e27f6be3549ed0afccbcc37b3fbba0a84f7f5227de945cf7b6fbe6b
0e55f2f01ee66a22f1a756ea2c7fe005e089dfd9e52294f10b1e5a0b65cd2afc
10d607e4338e832a6e578de0acf1cdc78b4b3fe20a9e8076a1c770f8c7eb995d
110962f5777d422e4b79571633dd4798a7c32701fd5f85e0111ec25636b3ec60
13d39f4d1840cbdc8f7f9be720f0b539b2918421d082fb2ae03edd3aab0b290c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186c4b698713ee5d87944f72263e725fc184d11201d37ee3fbd9b96312819a36
1aabfc9b0bd3c0f509de662fbf4d8d74e42fc7831125281c950f6e7e029ec27e
1b7660fd238f38896de08fb319606535a749bed0ca10fe946e3368442433e444
2014f070d3d6ef2ad40b72275cf98727b040061d6191fbeaaeb7798d84fd4801
23e13658f8b922ebbf93527ff9fa010f9fd4f4ab67db188b015d264eb316e8b9
24426702885b51d96ffa44c1bb007c013df8083778c8cc73c96cc447674adef9
2539cc579a002b56de22ee5f2df5b12b06179e0da41e70ddb0820226da80ca70
28a1e388fda894bf20c11c9f44e0c27ac6a848200af3d340724a582317717ad1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dc32330d1534c391b01349fe480597465e0dcbafe4115d7ba783001a450d7e7
2dedd519dc51df12b16a8ab8f955e77614b068d9c216cc1dc8468c17186e1d7a
2f6bd0d566236c4652a1bd02e00a81152461e493dc57158d9e70fac85360e552
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
32def5f1169a5d29f192177c3dc526b244e5f17443a8ebfaee2502dbd1a04f39
332f1e0cb7c994860bdb33139733134ebc3a799d880347bc3df13f9dfdb1afad
357106abbbd067ad802d3d332d5ff5d711bd613a75362f8fe879288600ae433b
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
379c1f39e588b387daeb39fb44639aff04eb175e54956a572bb7b7d11d8b2a75
3a540aaa26f49679d410f41f2d112b75102f5ee13897b0bc8d0ebc74398776bf
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bbf56fde0bc61dfa37b427b684372a828230584f870813ea13e814708793b06
3bcc1340d90b3d55accb9a57998b69708fea2a63c39f7369047469f952ccad4f
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411371f21b96f6ed307eae34c88f7f0cf2d6f273e54f43b02b1cc2a1cbe5a4b6
42709c4a2cf86fb64369e1625bcc45bb7b53d9814394d840be4d4e3e26b90fdb
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468cafe24cf8903ea148d52effcdcabfaabf59d5cb60cbc0da3b48963714e885
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49e7f86457be2fc1e41241bdb32270d4520e432ec608bca8ce6d1490b3429669
4ae9bfb73f810deef70ec5bccee09c6018869a3e0d9f993f97b4a93156f9ed19
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f43ec6bfbd5bb228c0125be74bc01b4994549d4a9bdaa4a80a2dac55a4f9064
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a8894c845a5eefb404c9a0cf652f94d41e64fbee0f8788306e49de5d5c16cf
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60fe1dd3ae260e63f97bbad7ac710336f40ae974ec7bc53d65736b502253ebe7
61538c645c2e2ea1fb6cf7d7ca6f78b1b90cbed40b09ddb6e4c03db7f37dbf32
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
61b1ad40dd51ac1ac88c81a05b61379e32ea5acded9a1f0ab8ad022ec02648f1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ccbc4105ea44f9962242c446ed2fa726787b41e6bba78814b42f6110db351b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69c5e6862eaa444578703e278a384cede0ca6d47abf5397b1741e67bc533d2b8
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b7929c9ad2f891a7daefd6a13da7198cf4244c04283a69974b9260916500d11
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6cd28d5735fb2a21f63082d3a4da74b9997b7d797993c88d3d435f33d43572a4
6dac4b41bbdb43718bf764a44bf24c3fbffbab323eafc6ad404e9202d1f73a9d
71418c6d0ee61c20c36f70359bf1af18cbd72966e6007bf2fd961f2b68c9dcf2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73561a6d0e93b6ed6fb1b0023e47aa88e4b1dec57d58224fcbbb9a7b37f5ce6f
74bbf74bc017075421e014c16268c77fb1a53faa5eed32261440ac2710fadbc6
768d156b1c28b94a6179150e7465261c78e333722c4564fd419df6de364c3a2c
779944052ce3b89662a494eab2c1d7d773f587751bbee28ae09d1247125a6ce2
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7df27ce52ca114968c4a641e2c536f99370cec9595fde391ab8238e77eebef6f
7eacc7612211abde2bfac07e4de0be0e99f61dddc1094731c32f93e3506af282
7fe1563928bcb5f4908d38e4f5a677636cce070e0a6b304e35748c816beb5830
8032ab741bcb76c5babb353fcf826e94efd8cb47683e804d99cb8566a5e10e1d
817d70bddb8df7ff77c6b3a993d05a0cbd9a2054bf8f3bdc9a809c51de5e7f32
820115ce30deeccaff8662b29c43cfc2cbf1c4a36ec038d5f88ef6604fdd5b29
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
844297ae24a6b5507d83a5c6d791000ba4ac28aa46c122eaa199fac8940f2e18
84ccabb116fb1e7257f5a8ca64c57b0181e46aaeec52caa45432992f186a9e1d
85690359a02d3cea7d7b77bcf312c1e8a4fe0f998b17507d6b19f761879002b5
858bde92d1d321a683f55bb4afcfafc79d35e7c86511dbf63e12f8c1ce2bda73
87757e85a5722c6e5f54cde47cae0713053c1405219e9c80832d8bba2e91a357
882146362bbda5e9239e3f72f1f25287ab01bf65ff9f0f66ef21cb6b39612be1
89bb5890cbbb6f146af883d6214b3e90b0083b1da71eee079ff5bf7887b6c553
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c824136b36d565b93694a69bad2bd35daddea2d072d87348ca10bcffec5b34f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8faeed1b003d0c5cdf9f819240377c584e61616c052003299662734fc2bc30a3
914d58cdb93f6c45ab402785b213ab374f39912eb559e3c8828a3521d91a438c
96b7c1b36ae52b0d2039517d6c023bde44d98c1b2d0b59584b0048b0eff6ed85
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
99499cfa9f402951490ac306dbb7e3a8bfda458864cea88e3ba6a7d28257017c
9b98bc0d0d6414ad4d9db4b6ee8ee89b0b9ba37e3e66e22948ace11232c02378
9d5e8db7b7e834585a1f20bb99db5a173ed2585d9ab2e2058cf2c676e5092835
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9fe06903fdbfb9402413fd79cb5b520b3d172c9d4507aa3b8b5184935f238507
a00b1b74d5f2ccdfa20c09a4903ce9c3c8df6a72df646586e7236ea20f647e9c
a05b2d84ad5d3722ed4e3e426a4a9dbf4fbf98904251ba6fa6185e43cf8f740a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1ced88aee6543ae3e8cd5d651d2aeb51aac67f0f5b7d296daa7efcf36754c10
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a5952bc1b016c6fbd9584e8a338200e0d90a77c1867a29b57259eb189a23333e
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8250e9f40446d653c0d50f7735c067368a41df1bd5437423e0866f817f80e73
a9a24eacaaf00cc24586ad48b2f080191933cd4d48909f4eb146a79848319cd0
a9ed2bda0b81ef3998269bf6412b66bb3c831a22f312478b21d57c353254d382
aaa5513cdbb249e2a89186d90a196b8cd08297c8d3a26faed2e803db39f33c0e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1a323f7710dd82c6958dbaa1a56fbeb28cb171ca8eb7a6838e2fc215e8d6cd8
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3d54daf6356a09e4bd428958907e7df82a65c89245970aabb540678a5cd7ce2
b4e02c4b3382f922e0bb35c97423d7009f3ae4643caa83817d2d3ab505a4721f
b6f93e4cc75b593d86626b9ed9013ec0feac6b794eeff8a51de946a22557e2c0
b6fc48860542f440751fe88bb71b5a664493133bcddfef8b80bd9d636c63a16d
bc4aa659c0fc4f9ae99f61f8281bcb0e0c919d8d0e84ece089f41ab35eac50d1
c05d640ce63fa682645c0dca09e72934bc87760f62a6127fceadd73186860fd7
c1caa5854b229c2e531ef5c9c92b5d65e9aae7d25a0419fb1dce29d4d7d33315
c43a41583d248c0a4cedbbe988ddfa9b525d5e55ae7f0787eb04e456f231fdda
c6e44887abfd62136f8138608b16ce6d7e5799fd57545922565f40c319fbb14f
c7edf23266109a291d04fb6729c9fe1b7eee7dc0dda62b44f11d2be6de79d002
c822f41463aafb4234c235549d2cd4aee6c1090368b70c086824d23e001def64
c827141468086ed4b19cf8db10bf34505883f26c13d382e2d02549385ed4bd8b
cad9c55ca2dab97dc874e71a94132e38d392c030fcfa61f2eb2f3e5fbcbb21ac
ccce3de631b2b98790dcfc0c56ba37a071b93a547ad101b08bf12a9e87a0a7e3
ce9a6262af5ee15f2aa10e53851715c81064f46210aa1cde24e30c0a8c5f5bc3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1810776dec42d580c5473f9eb3022271dc873fe12ea5569ebde3483bbe155e2
d1f358a82c0f7e3ee492ac360dbbbb5699d6f9a5a0ecea975a137c53797fdd58
d560219c98d72ccdc78653e476c2451ab000f59423c1b092f2779c9f0646cdb8
d75f1bd1489445db4a1b2d36e1090f312d3e352a14952c0f7e1a345941ef36bb
da97307d3fb6e77054701a1aca9808f11a63c5e91796ebb5d7cb0ecfb3b18071
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dde09bc6e291c24014135803bb635d6c72f9c18e5ccf6a0d71a874a2daff76c8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfcc7a84697ce28da8c0854bcc5974aea3e80c739550d98a14624dfdaeb713d7
e0417462ea1114f192bbcdfcc54f2c6520f4f2d632140fb1d2a7114e742e1c2a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2b15ce77d0872a33778e11fbbae305db9c901923065fcd2606e048de0830f8e
e2ffa0996ab42fd93af0ee29ef3019acba41ccd90b469164e07d8b1dc5b2b09b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e539166703acdb986b1bdd604d99375cf8c97bc778ca15ad20570ae29fcf9b4b
e67a5b0c55f16ed1f176e45796b8cb57f8722c6ddea5384af39595590479c207
ec071cee1b00bd382dd164ef5c02ee0435a62cc85a4bab41c613c2ad256356a1
ec9199f43308d0cd8941a47a405f204570dd70f87694153d776b076e0d9b6828
ecf22181714d1e0606c99a078d696f5dc1e83c2c0229198c03fc7a28326f0c4c
ed043c84e85828ce57668f1e6685168c5181288e34082786d5bf7cafaffc35f6
ed616cc61720ccb3502f66e440842f7d570aee2aefb43181d060768fb775a3f8
edc531a5cf3981498a7289095a689ce175adc4f64a19b00f57cf5f16514754d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19516879e053f2a441ccdb8c04f5084d5a0cbdf3c0942e75b39ad2341fb7744
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
fb24099c13f8994e4214f45b7230ff4a4a595bfe703020170532b4501487823b
fcaec05e2975f8dc999fd62f1d224b7f5b82a51ba33b651847848535381190ac
fd0659e55f63f76401bac85c0e704032736e5debd8d5e368a5487ab59d3252ea
fe2a86485d785cf8abdc49d86e493352cacbb5d6dfe45ff070b9c2e570df5785

fakeoff.org Open in urlscan Pro 178.79.189.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

270 Requests

97 %HTTPS

57 %IPv6

23 Domains

47 Subdomains

38 IPs

6 Countries

3908 kBTransfer

10666 kBSize

16 Cookies

8 Outgoing links

Redirected requests

270 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fakeoff.org Open in urlscan Pro
178.79.189.67 Public Scan

Screenshot
Live screenshot

Full Image

270
Requests

97 %
HTTPS

57 %
IPv6

23
Domains

47
Subdomains

38
IPs

6
Countries

3908 kB
Transfer

10666 kB
Size

16
Cookies

270 HTTP transactions
7 data transactions