ds761tbf-pl.fina.guru Open in urlscan Pro
172.67.70.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ds761tbf-pl.fina.guru/
Submission: On August 18 via api (August 18th 2024, 10:12:35 am UTC) from US — Scanned from PL

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 49 HTTP transactions. The main IP is 172.67.70.42, located in United States and belongs to CLOUDFLARENET, US. The main domain is ds761tbf-pl.fina.guru.
TLS certificate: Issued by WE1 on July 9th 2024. Valid for: 3 months.

This is the only time ds761tbf-pl.fina.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	172.67.70.42 172.67.70.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
3	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
8	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
4	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
49	13

21 172.67.70.42 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ds761tbf-pl.fina.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	fina.guru 1 redirects ds761tbf-pl.fina.guru	132 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	639 KB
8	google.com www.google.com — Cisco Umbrella Rank: 10 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 region1.analytics.google.com — Cisco Umbrella Rank: 3773	131 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	223 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	207 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	6 KB
1	google.pl www.google.pl — Cisco Umbrella Rank: 16635	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	258 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
49	10

	Domain	Requested by
21	ds761tbf-pl.fina.guru	1 redirects ds761tbf-pl.fina.guru static.cloudflareinsights.com
8	fonts.gstatic.com	ds761tbf-pl.fina.guru fonts.googleapis.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	ds761tbf-pl.fina.guru pagead2.googlesyndication.com
3	www.google.com	ds761tbf-pl.fina.guru www.gstatic.com
2	www.googletagmanager.com	ds761tbf-pl.fina.guru www.googletagmanager.com
2	www.gstatic.com	ds761tbf-pl.fina.guru www.google.com
1	fonts.googleapis.com
1	www.google.pl	ds761tbf-pl.fina.guru
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	ds761tbf-pl.fina.guru
1	code.jquery.com	ds761tbf-pl.fina.guru
49	13

This site contains links to these domains. Also see Links.

Domain
tinyurl.com

Subject Issuer	Validity	Valid
fina.guru WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.pl WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://ds761tbf-pl.fina.guru/
Frame ID: 2C7F951CB1E0ED9B10623AA9A6BBD40C
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=pl&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=78pedu2exfax
Frame ID: 34D7FA8384501C42E4EA82E3B6999AF4
Requests: 1 HTTP requests in this frame

Frame: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js
Frame ID: A78422C42F9E055CB7B5A9440E25C75D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pl&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G
Frame ID: CE77BB18D3B7F713BAF2C2DAE5C35F01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

49
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1376 kB
Transfer

3834 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tinyurl.com/2p96c6up
Title: Viber

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ds761tbf-pl.fina.guru/ 66 KB
18 KB 380ms
325ms Document
text/html 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d32c1baeebb550b7cb3ffa39c97ec8ff611625b0493e5160deecc96cabaf6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b51202cf958c3ad-WAW
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Sun, 18 Aug 2024 10:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFBOL%2B0RyCPORWZ7uJraNJs5UYChfyVyOJ9FPm1oR77LYX0vANiw3mKc0PPs5S2AIlNjUicx0iBTpdsUXwc4lXqSZUdNZ8Pt7i%2FnSaR52mDx9bBI5qVej6ZMDQNd1kLgjzRSlbYCew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Cookie
x-content-type-options: nosniff
x-frame-options: ALLOWALL ALLOWALL

GET
H3 200 style.min.css
ds761tbf-pl.fina.guru/static/core/m4m/css/ 50 KB
8 KB 39ms
36ms Stylesheet
text/css 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/m4m/css/style.min.css

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 13:34:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35
etag: W/"6023e0f0-c8e9"
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lfDuBsvx%2B%2Fzg9cvX9fgUeemQ5CgI3VjXn6OGnfYBtlcUncQLht6zQmzL5ELxSSaNNGUm0PPHg7OxMfJn19rucb2YJ2RWMGPGfyrSq1vkY3xc82P4qhJyXnnQ2I0rVh32jPxTyRthQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b51202f1ccbc3ad-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.css
ds761tbf-pl.fina.guru/static/core/m4m/css/ 159 KB
28 KB 41ms
39ms Stylesheet
text/css 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b8add97fbfd7710e32d0ab792c17e0a30c491aff1fb1cf790b1dd084aa69d4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 14:43:15 GMT
server: cloudflare
etag: W/"63ff6483-27db1"
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj2LowkoJ%2BNbeDRaRsp28EU1LhV1KOj6MOPHI%2Bix2rarQj2WNYCRlmxofvR4TWhPd2oY%2BC95NLK19DnNS7AVmcGDtxFfZGLi5yPPbvM5P0Sb9ulMp%2FetxjWhxyWiHAUwSv13z%2F4rYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b51202f1ccdc3ad-WAW

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 426ms
36ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1569189
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-eddf8230139-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1723975949.050897,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 45, 44887

GET
H3 200 main.js Show response
ds761tbf-pl.fina.guru/static/core/groshi/js/ 151 KB
48 KB 62ms
61ms Script
application/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/groshi/js/main.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01eda7f50e5a175644989807fc6c9e60d55d5d69bb50e80426b17b2750fd4fa

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: origSize=154146
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 05 Feb 2021 15:58:32 GMT
server: cloudflare
etag: W/"601d6b28-25a22"
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHMT%2BadDgHDTdICn8pp45cTRIkEZX02OYskFmfHfZVg3pjBcH%2FFaeWZdohG7YYyf7abq6E5ASdUcssyJS3quNsb5%2B0ees4LaxogLsKpZRK2ifNd6xzsFSlcp%2FzE8Sh%2FBObYU%2FE0S8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b51202f1cd0c3ad-WAW

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
51 KB 155ms
62ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

45166d61133e0e481980a76421cb601ffd5b5de658570e300c2dbb9018f37f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52328
x-xss-protection: 0
server: cafe
etag: 6874481852368694407
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 18 Aug 2024 10:12:29 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/3.6.8/ 294 KB
97 KB 443ms
44ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/3.6.8/firebase.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2017 23:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Aug 2025 14:31:20 GMT

GET
H3 200 firebase_subscribe.js Show response
ds761tbf-pl.fina.guru/ 1 KB
1 KB 38ms
37ms Script
text/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/firebase_subscribe.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7823dd8aff3839a7c17b404f6f2bb6ff0d3b444b7bad0e419a9a3f8875dacd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL, ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: origSize=3488
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 18 Aug 2024 10:11:53 GMT
cross-origin-opener-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: ALLOWALL, ALLOWALL
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2Fu%2BJM51Gw5x8jzhDqH4Hm%2BQiWvGMPzYXwDXX2U4i5bxd2hy%2BvU6WM9wr4PATDULG8FdHNOaudIPL2JZjzkp526UZ%2FCbE%2FGyv%2BYJv63rrHusFYt5qJp%2BYEVJfYAu9Jm127UhyGfS%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b51202f1cd3c3ad-WAW

GET
H3 200 Logo_FenikoPL.jpg
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
3 KB 38ms
37ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_FenikoPL.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8163fb5039177560b2da8c13dcd96a2df8ca9e68fc6533bcb991a465703c40c2

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: qual=85, origFmt=jpeg, origSize=19035
content-disposition: inline; filename="Logo_FenikoPL.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2230
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Jul 2024 07:47:24 GMT
server: cloudflare
etag: "6683b08c-4a5b"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qqGOXZ3qFy%2BydGNewGZ2TVIkhD844FpNNxUHKVX9tlmWRbptppTXk3CcY5N9AhJ5Qqq4daaD9Dz0L1O1YWfau67S9fz30xDKezLlLOclmsVbGrVTV%2B5ASI3D6o6XjbfmKj7koi3Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b51202f1cd4c3ad-WAW

GET
H3 200 Logo_Vivus_GN8Yqyg.jpg
ds761tbf-pl.fina.guru/media/data/media/ 1 KB
2 KB 37ms
36ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Vivus_GN8Yqyg.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cffe5f14c81219aaf0338bf5b33ab12e9b159e710c508008931d824bef8029

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: qual=85, origFmt=jpeg, origSize=9484
content-disposition: inline; filename="Logo_Vivus_GN8Yqyg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1518
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Jul 2024 07:49:14 GMT
server: cloudflare
etag: "6683b0fa-250c"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIBgKuQZah0vIs%2Bfz4Ou9%2BXBv%2Bae%2FF%2BygiHjmGNzpIDdHZ%2B%2B1Qd1%2FTr1vAUUWOLr%2BMXSOrrLWK1IF3w%2BZC7vAUAfoessMWjWD9yXsa73I3fMxiealJcV9iJH%2BV9DPJ7zqLUv%2BOUA3A%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b51202f1cd5c3ad-WAW

GET
H3 200 Logo_Solcredit.pl.jpg
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
3 KB 40ms
39ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Solcredit.pl.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60a7397e2fc7992fbfd597f5496b50e3166967f6e929f8238d4f2f707d928b01

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: qual=85, origFmt=jpeg, origSize=16803
content-disposition: inline; filename="Logo_Solcredit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2480
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 May 2024 07:31:42 GMT
server: cloudflare
etag: "664ef0de-41a3"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tPc5LzI8%2FR09s08EVUGwcdI4rAi%2Bm%2FBnj0LBaPsoLFNbpD8LLFMLx2%2F57s%2B4C%2BQprEX43b0UOm1G6AgmqbJwhfYxc6ooEn74E3Zw3Cj%2FdlOqLpNMOuwaMxnpRMQ1S6SMju%2FcLb1pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b51202f5d33c3ad-WAW

GET
H3 200 Logo_Net_Credit.jpg
ds761tbf-pl.fina.guru/media/data/media/ 1 KB
2 KB 40ms
39ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Net_Credit.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7722a7f9e784a8efdb6fe80beb2a097b5e1848d5600eacca7bc7bac65259b99

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: qual=85, origFmt=jpeg, origSize=8787
content-disposition: inline; filename="Logo_Net_Credit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1452
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Jul 2024 07:50:25 GMT
server: cloudflare
etag: "6683b141-2253"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RveUarQu8DNyqpKuTCr4iV6645B3Qc4JGyUWrHHEyqPQXVjtOD7lP%2B7bJ5W4y%2FyGD3oji1tBEGx7cyMNF6xiWtWiQ9FWX71l6SbX2i1PeNMFfFYTKvqRpk6NYTTq6As49B7NZNZX8A%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b51202f5d37c3ad-WAW

GET
H3 200 Logo_zaplo.pl.jpg
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
2 KB 35ms
33ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_zaplo.pl.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e46c361c368a9db34ae25d102a5bd32fb5b0fb86711a9c395a93ed7d6db6355e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: qual=85, origFmt=jpeg, origSize=11647
content-disposition: inline; filename="Logo_zaplo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1810
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Feb 2024 08:47:59 GMT
server: cloudflare
etag: "65d4673f-2d7f"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrqIT5rj7R8iHSa%2BYSbirwU%2B05CyeZzDDZRWDeQLayia%2F3%2BKpVGQbcpFqsvf6F3s2%2BXofJBKMg046RTAb1%2F6MIzMrXt8VrRIn1fp%2FwmAuuuY%2Bhwkk8CMF1sj4Kcl%2BDjiTgFYUrcPlA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b51202fad9ac3ad-WAW

GET
H3 200 Logo_SMART.jpg
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
3 KB 33ms
31ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_SMART.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1992d9bbd5ee2f386d8a027f6eb686d6896c425d171e53ba9a466c3394fc8f2c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36
cf-polished: qual=85, origFmt=jpeg, origSize=21049
content-disposition: inline; filename="Logo_SMART.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2440
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Jul 2024 07:56:37 GMT
server: cloudflare
etag: "6683b2b5-5239"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnsPoMTgNcy19xf5x7ThcLHL20crgnyfgcbmwThCkZAc1nzkPatBg1nhmRslRV2bFD%2B7LsebSwUz%2BHrTuMpscr2XeayaiwkQpVrKePm07kFoCMmcfd9s%2FcUjV544X1BpMBdo0rpx5g%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b512031f948c3ad-WAW

GET
H3 200 Logo_Wandoo_HbR1MQa_xsyaYep.jpg
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
2 KB 33ms
31ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Wandoo_HbR1MQa_xsyaYep.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf2d453e93981fd3c3aba6827ba1e8c5f0458262a2ef1b037f38dc2e4694251d

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36
cf-polished: qual=85, origFmt=jpeg, origSize=10743
content-disposition: inline; filename="Logo_Wandoo_HbR1MQa_xsyaYep.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1762
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Mar 2024 12:38:58 GMT
server: cloudflare
etag: "65e71262-29f7"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=odbfURnq%2FAHZFTapBAf%2ByBnfcpikRBltLO0j5MDHijF7fAvUm%2FmwlDZZgsKrhB7Yhd5zOy%2BG5vzerbBQJAiC1y94TpG%2BOE0MySQG1Ryz6U4oOUVhxPFrneQj1WX%2F7ykZ20VxsAi0Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b512031f94ac3ad-WAW

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
962 B 146ms
52ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?renderer=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

82ee011b97016eaa50d6be8d65091d699b3a65e8e477572ba3366215afd5f1e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 18 Aug 2024 10:12:28 GMT

GET
H3 200 jquery.maskedinput.js Show response
ds761tbf-pl.fina.guru/static/core/pozy4ka/js/ 6 KB
3 KB 37ms
36ms Script
application/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/pozy4ka/js/jquery.maskedinput.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03aff9ba10559a70ac312000ccfe9585b762f171283c53c3271d343080425093

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
cf-polished: origSize=11272
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 11 Mar 2022 09:08:12 GMT
server: cloudflare
etag: W/"622b117c-2c08"
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5Fy6ROEP1FOr5ObGkIvyte%2Fn9Ng%2BVXs76aR6zO7A5xCHO74V25a9Jqw0PrtHyCOCJYvyc7EPBOcilg7cTzJLT4p6nBV0pUoOsNF%2F1oKT%2FAlWyDh7uzfcAaYxQlRKTYl9vAHSLV3Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b51202fddf7c3ad-WAW

GET
H3 200 email-decode.min.js Show response
ds761tbf-pl.fina.guru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
28ms Script
application/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Aug 2024 15:30:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b635fa-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FU8d3PnTSgKab9fuYQeD28vfg3EewyR9z27gfIiFsk2i8radbQTyGtKW43mxjYRViymjjp0towbsJake6vUT7Iu0SlbB0b2ZQ6c7Iu5mf8j0dflSj4FCIqJ1Ub4o9QYB0HxET8lKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8b5120301e80c3ad-WAW
expires: Tue, 20 Aug 2024 10:12:28 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 441ms
67ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8b512034493d3546-WAW

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
98 KB 457ms
60ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6d302aad1ef13d836f993eca1d8bff98979c7c3c579fcf04090ad4953b464684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100212
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 10:12:29 GMT

GET
H3 200 recaptcha__pl.js Show response
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 533 KB
212 KB 103ms
43ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__pl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?renderer=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

47b085ae5dfb735307136851e6cb2674b191074561496f5aee33f62b7a337ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216517
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Aug 2025 14:32:25 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 45 KB
24 KB 432ms
38ms Font
font/ttf 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24295
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:40:09 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 46 KB
24 KB 482ms
89ms Font
font/ttf 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24632
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:47:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:27:36 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 46 KB
24 KB 472ms
78ms Font
font/ttf 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24405
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:57:43 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v14/ 45 KB
24 KB 501ms
108ms Font
font/ttf 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:25:13 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/ 86 KB
30 KB 179ms
68ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/slotcar_library_fy2021.js?bust=31086220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

20045a02aa0f10cf62d7c2cae7e6be1a9d6a5d0c132f86d3ad8ebe4bd42e576a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30739
x-xss-protection: 0
server: cafe
etag: 12925645432420619589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Aug 2024 10:12:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/ 423 KB
142 KB 194ms
84ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8279955182611131&plah=ds761tbf-pl.fina.guru&bust=31086220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c6344eef5f1a358ab0b876284f9672bad51d4f62c96e6f8b84ecdb8f91ef50d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145266
x-xss-protection: 0
server: cafe
etag: 18275791695912012235
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Aug 2024 10:12:29 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 34D7 0
0 142ms
64ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=pl&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=78pedu2exfax

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__pl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MtRZlzveZEDxukAUCNupow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MtRZlzveZEDxukAUCNupow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 10:12:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

main.js Show response
ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/ Frame A784
Redirect Chain

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?

8 KB
4 KB

31ms
29ms

Script
application/javascript

172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5215b91f7e46a55793ed3b42bf17d2b51883d4c8c1b692520f26f9bfb187313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Thm9KTeXdkhJzLPzDFOXOCu336GP88zfDucJAOSvyFuzdw4Ab39qt%2F7c9NmgRiSYgXmiwjlhTfsUwUDK2Yh9qxPN29RPLnrF4b0oDf4EVWksErbfq8p1o7xxgoFYQd4kwNLsfTQcIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b5120354e93c3ad-WAW
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 18 Aug 2024 10:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCXNF%2FgLluIADaMSym%2BOuVVY4zQPUHRraPtmt8%2FpvCxl%2FV14PKaU%2BTcVl27ePDz3U4VIBgC5zepuWSfL%2Brt7AXYn24yQ%2F56T2EhEUZuiOZjaPvcBxIvv1%2FewnlWHrfxsxLeqK%2BFhHg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b5120350e35c3ad-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 339 KB
109 KB 59ms
57ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ff0ed9d6c1d1eadc99a26edbd9adf709f405ee0d3a93651d1e14d16c554ea3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 10:12:29 GMT

GET
H2 200 ca-pub-8279955182611131 Show response
fundingchoicesmessages.google.com/i/ 203 KB
67 KB 519ms
66ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8279955182611131?href=https%3A%2F%2Fds761tbf-pl.fina.guru&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8279955182611131&plah=ds761tbf-pl.fina.guru&bust=31086220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

d5a707ef20d38ed2a99a4b2f5e13bce4ec19df31b2e4ee42f2d0e7041210d895

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j3jX3Kmakpatc2hKJ5QjxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-j3jX3Kmakpatc2hKJ5QjxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YH4_rpLrM-BeO_HS6xHgViIm6NvUvs2NoEXdyfUKGkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYWBia6hkYxBcYAAC8rD3p"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 76ms
71ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 8b51202cf958c3ad Show response
ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A784 0
917 B 62ms
52ms XHR
text/plain 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/g/jsd/r/8b51202cf958c3ad
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Aug 2024 10:12:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMwixVJj46PE9V86bwJWKu9saFVYCgsUBVQ4nRnzCPWiApLqM7OEQI7OHj8XNLiC8S4tUaDlOGfCDYXJ5rJzCAw1EtdbVaCSA5H5pM8FVy49QFog7JD216Bkva%2BloZbCQwyNVO%2FQPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b5120383c4dc3ad-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 583ms
48ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TRH92ECSV3&gtm=45je48e0v874499617z8854091770za200zb854091770&_p=1723975949101&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2050092813.1723975950&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723975950&sct=1&seg=0&dl=https%3A%2F%2Fds761tbf-pl.fina.guru%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1942
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 10:12:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 606ms
72ms Ping
text/plain 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TRH92ECSV3&cid=2050092813.1723975950&gtm=45je48e0v874499617z8854091770za200zb854091770&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.206.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wk-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 10:12:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
408 B 603ms
73ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TRH92ECSV3&cid=2050092813.1723975950&gtm=45je48e0v874499617z8854091770za200zb854091770&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1296931192

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 10:12:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUABurMuJZh4gJZfa3IL98UMI9EXsxebs6LOfaoQsChBlqBI2uPVYQSTKidcXqXoEOjz68TT5vCw2aWu02IeeQpUAYgWXklsVppvA2UwbH4PSi5yORMcPpyTBFdmWeEzvPhuv7C Show response
fundingchoicesmessages.google.com/f/ 416 KB
63 KB 98ms
96ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUABurMuJZh4gJZfa3IL98UMI9EXsxebs6LOfaoQsChBlqBI2uPVYQSTKidcXqXoEOjz68TT5vCw2aWu02IeeQpUAYgWXklsVppvA2UwbH4PSi5yORMcPpyTBFdmWeEzvPhuv7C?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzOTc1OTUwLDQxNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnUvIixudWxsLFtbOCwiNUFFUG1UaHVsSTQiXSxbOSwicGwiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwtP7MH8hhxOnUCsFKIYjocELgJ9A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

727d6a8557fc1d0169bd90ff8949fa2e61f8c90498638853c57453da0f48e3c4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ciHkOtG3ePbJ7moxW8C9Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ciHkOtG3ePbJ7moxW8C9Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YH4_rpLrM-BeO_HS6xHgViIh6NvUvs2NoEdmxteMippJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgYmuoZGMQXGAAA4vQ93g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 462ms
59ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.5AEPmThulI4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzRdg8JiZ-E66Inyv4uyy3T3hM4Ug/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

21274801bf1d0bf4ac0aa5babe4fa83a733d332a55b2665b168d073486170ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 10:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 10:12:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 10:12:31 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 46ms
40ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:03:23 GMT
x-content-type-options: nosniff
age: 418147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:03:23 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 53ms
52ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:07:28 GMT
x-content-type-options: nosniff
age: 417902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:07:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 57ms
56ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ds761tbf-pl.fina.guru/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 17:23:05 GMT
x-content-type-options: nosniff
age: 406165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 17:23:05 GMT

POST
H3 204 AGSKWxVpT1abA42dStUc1vAyL6KbwUZZHUPYxU5OE4tSgQdvBMaJTuuyE9Sb31dBS84bNm-TbqgIipYIcqeyFgF4QCOtpUKzNOV_SCYP9mY_MwnwneQcpnu_Ndg4et2RPgFlgQd6Ef9L Show response
fundingchoicesmessages.google.com/el/ 0
28 B 148ms
61ms XHR
text/html 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpT1abA42dStUc1vAyL6KbwUZZHUPYxU5OE4tSgQdvBMaJTuuyE9Sb31dBS84bNm-TbqgIipYIcqeyFgF4QCOtpUKzNOV_SCYP9mY_MwnwneQcpnu_Ndg4et2RPgFlgQd6Ef9L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6rOk1sCEkWmHm5RhwOO-cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Aug 2024 10:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-6rOk1sCEkWmHm5RhwOO-cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFeDj6JrVvYxPYsOnJDyYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWiqZ2AeX2AAAFbwLhs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpT1abA42dStUc1vAyL6KbwUZZHUPYxU5OE4tSgQdvBMaJTuuyE9Sb31dBS84bNm-TbqgIipYIcqeyFgF4QCOtpUKzNOV_SCYP9mY_MwnwneQcpnu_Ndg4et2RPgFlgQd6Ef9L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-djN0BgkRYZ_rgGWue2ZSeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Aug 2024 10:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-djN0BgkRYZ_rgGWue2ZSeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFeDj6JrVvYxNY8K_xF5OSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjGwMDTVMzCPLzAAAESVLeU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame CE77 0
0 53ms
53ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pl&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__pl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jtdIy_Bqkizwqpx5Ob1AlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jtdIy_Bqkizwqpx5Ob1AlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 10:12:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
27 KB 45ms
44ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ds761tbf-pl.fina.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:59:15 GMT
x-content-type-options: nosniff
age: 418396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:59:15 GMT

POST
H3 204 rum Show response
ds761tbf-pl.fina.guru/cdn-cgi/ 0
145 B 38ms
36ms XHR
text/plain 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 18 Aug 2024 10:12:31 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ds761tbf-pl.fina.guru
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8b51203ebfd2c3ad-WAW

GET
H3 200 Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png
ds761tbf-pl.fina.guru/media/data/media/ 1 KB
2 KB 112ms
112ms Other
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb3eed7aa7cf67179bf40ec0f0ae6086de4d7733ebf8d427f5f54fb3ca86a12

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:31 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2033
content-disposition: inline; filename="Favicon_36%D1%8536_kzmoney_brown_Jxc058t.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1212
cf-bgj: imgq:85,h2pri
last-modified: Mon, 16 Oct 2023 14:12:38 GMT
server: cloudflare
etag: "652d44d6-7f1"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BO5LG8j%2FBDzennWZcKo48Ib17Rmuc6hCoSxM1NMgFD6LlJgq2u8fwZC83XWvCN%2FcAknPFO4nU51enTndeEzvC5a20QRqjOwZP1mayM4cbLqJ5mKP7Q5tmK8AqlAbCJsPki8U7P1ibg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b51203f38a7c3ad-WAW

GET
H3 200 Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png
ds761tbf-pl.fina.guru/media/data/media/ 1 KB
0 1ms
0ms Other
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb3eed7aa7cf67179bf40ec0f0ae6086de4d7733ebf8d427f5f54fb3ca86a12

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:31 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2033
content-disposition: inline; filename="Favicon_36%D1%8536_kzmoney_brown_Jxc058t.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1212
cf-bgj: imgq:85,h2pri
last-modified: Mon, 16 Oct 2023 14:12:38 GMT
server: cloudflare
etag: "652d44d6-7f1"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BO5LG8j%2FBDzennWZcKo48Ib17Rmuc6hCoSxM1NMgFD6LlJgq2u8fwZC83XWvCN%2FcAknPFO4nU51enTndeEzvC5a20QRqjOwZP1mayM4cbLqJ5mKP7Q5tmK8AqlAbCJsPki8U7P1ibg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b51203f38a7c3ad-WAW

GET
H3 200 192x192.png
ds761tbf-pl.fina.guru/static/pwa/ 46 B
581 B 110ms
109ms Other
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/pwa/192x192.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59409080a933821e87e581daa91a7fec2d3fa0fe0ad21441d0e9b60fe5c54a8

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ds761tbf-pl.fina.guru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:12:31 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=611
content-disposition: inline; filename="192x192.webp"
alt-svc: h3=":443"; ma=86400
content-length: 46
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Jun 2022 15:40:18 GMT
server: cloudflare
etag: "62a365e2-263"
vary: Accept
x-frame-options: ALLOWALL
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHA2f3s4QohRNpq2G5jLJ0fHy%2FDTbFjK6tC8fHc1RD7RfXlrjj4kBuwx5aakPisOuLAiegz0PQVCl7Yj4VbRh%2Fu%2FfgJ5xYrJ%2BOAo1afWCQ%2BmvnW6A4kIystmDyHSxYdWHmN%2BFoxpfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b5120400a09c3ad-WAW

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ds761tbf-pl.fina.guru/	1969-12-31 23:59:59	Name: pers_id Value: 5f8fe3945d4a11efbac0005056020efc
ds761tbf-pl.fina.guru/	1970-01-21 07:37:05	Name: csrftoken Value: D4pjsjmz7WBEYqmongRcTZJwn65fc8FV
.fina.guru/	1970-01-21 01:02:31	Name: _gcl_au Value: 1.1.283295639.1723975950
.fina.guru/	1970-01-21 07:38:31	Name: cf_clearance Value: R44kSDx8uuU3tvwiNsi47g3qxC67S2rBo7KWtV5NmNc-1723975950-1.2.1.1-zB9fhGz.hu58A4hbViaqJBmbr2IVg9uYtpXZUyCnROwOVDyX9BntLC2DfOWWupJ_8msQheh2PwDsFcoFUGt2IfU.8xNycbdj0ln4KE7GMTHRSCj2y2DepdLe3Ssevuumrp4Fquufskp9XBOf0ghiKoxphsCWL97OJOEqsFo6Gs0AtYrskFgeU2qu8DAiJHhVnAyM4wXkPgU5X6rjyR69NxzfobLWx4CRqJZKbpCt7up9z2_g9DBRGTyJJf2FZ_OkjJyGa4BOXfQfbC7.Wv27XVL3ii.3VVaYYR3BqM1jj5yVrRH85bTVrJH7QauhlfJssGuI25.Snv3oVccU9g58nvIV9Xg7ky1cd_oozYR7iLsizYKPMhlnFJHxgXRX4sc.
.fina.guru/	1970-01-21 08:28:55	Name: _ga Value: GA1.1.2050092813.1723975950
ds761tbf-pl.fina.guru/	1969-12-31 23:59:59	Name: click_id Value: 6088fba15d4a11efbac0005056020efc
.fina.guru/	1970-01-21 08:28:55	Name: _ga_TRH92ECSV3 Value: GS1.1.1723975950.1.0.1723975951.59.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ds761tbf-pl.fina.guru
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google.com
www.google.pl
www.googletagmanager.com
www.gstatic.com
104.16.79.73
142.250.181.232
142.250.184.195
142.250.185.130
142.250.185.227
142.250.186.42
142.250.186.46
151.101.194.137
172.67.70.42
216.239.34.36
216.58.206.68
216.58.212.163
74.125.206.155
03aff9ba10559a70ac312000ccfe9585b762f171283c53c3271d343080425093
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1992d9bbd5ee2f386d8a027f6eb686d6896c425d171e53ba9a466c3394fc8f2c
20045a02aa0f10cf62d7c2cae7e6be1a9d6a5d0c132f86d3ad8ebe4bd42e576a
21274801bf1d0bf4ac0aa5babe4fa83a733d332a55b2665b168d073486170ae8
24cffe5f14c81219aaf0338bf5b33ab12e9b159e710c508008931d824bef8029
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cb3eed7aa7cf67179bf40ec0f0ae6086de4d7733ebf8d427f5f54fb3ca86a12
45166d61133e0e481980a76421cb601ffd5b5de658570e300c2dbb9018f37f29
47b085ae5dfb735307136851e6cb2674b191074561496f5aee33f62b7a337ec8
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60a7397e2fc7992fbfd597f5496b50e3166967f6e929f8238d4f2f707d928b01
6d302aad1ef13d836f993eca1d8bff98979c7c3c579fcf04090ad4953b464684
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
727d6a8557fc1d0169bd90ff8949fa2e61f8c90498638853c57453da0f48e3c4
7823dd8aff3839a7c17b404f6f2bb6ff0d3b444b7bad0e419a9a3f8875dacd3c
7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7
8163fb5039177560b2da8c13dcd96a2df8ca9e68fc6533bcb991a465703c40c2
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82ee011b97016eaa50d6be8d65091d699b3a65e8e477572ba3366215afd5f1e3
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9d32c1baeebb550b7cb3ffa39c97ec8ff611625b0493e5160deecc96cabaf6a1
a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
a5215b91f7e46a55793ed3b42bf17d2b51883d4c8c1b692520f26f9bfb187313
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b1b8add97fbfd7710e32d0ab792c17e0a30c491aff1fb1cf790b1dd084aa69d4
c01eda7f50e5a175644989807fc6c9e60d55d5d69bb50e80426b17b2750fd4fa
c6344eef5f1a358ab0b876284f9672bad51d4f62c96e6f8b84ecdb8f91ef50d4
ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074
cf2d453e93981fd3c3aba6827ba1e8c5f0458262a2ef1b037f38dc2e4694251d
d59409080a933821e87e581daa91a7fec2d3fa0fe0ad21441d0e9b60fe5c54a8
d5a707ef20d38ed2a99a4b2f5e13bce4ec19df31b2e4ee42f2d0e7041210d895
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46c361c368a9db34ae25d102a5bd32fb5b0fb86711a9c395a93ed7d6db6355e
e7722a7f9e784a8efdb6fe80beb2a097b5e1848d5600eacca7bc7bac65259b99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff0ed9d6c1d1eadc99a26edbd9adf709f405ee0d3a93651d1e14d16c554ea3ab

ds761tbf-pl.fina.guru Open in urlscan Pro 172.67.70.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

0 %IPv6

10 Domains

13 Subdomains

13 IPs

2 Countries

1376 kBTransfer

3834 kBSize

7 Cookies

1 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

ds761tbf-pl.fina.guru Open in urlscan Pro
172.67.70.42 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1376 kB
Transfer

3834 kB
Size

7
Cookies

49 HTTP transactions
0 data transactions