urlscan.io logo urlscan.io
SecurityTrails logo

karelia.business Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://amerisbank.ru/
Effective URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Submission: On September 11 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 27 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is karelia.business.
TLS certificate: Issued by WE1 on September 11th 2024. Valid for: 3 months.
This is the only time karelia.business was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.146.184 13335 (CLOUDFLAR...)
1 18 188.114.96.3 13335 (CLOUDFLAR...)
5 142.250.186.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 5
1    172.67.146.184 (United States)

ASN13335 (CLOUDFLARENET, US)
amerisbank.ru
18    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
karelia.business
5    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
18 karelia.business
karelia.business
188 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
210 KB
1 amerisbank.ru
amerisbank.ru
605 B
27 3
Domain Requested by
18 karelia.business 1 redirects karelia.business
7 pagead2.googlesyndication.com karelia.business
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 amerisbank.ru 1 redirects
27 4

This site contains no links.

Subject Issuer Validity Valid
karelia.business
WE1		 2024-09-11 -
2024-12-10		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Frame ID: 3C86FBB539479781CEEABFFF56CF80A9
Requests: 20 HTTP requests in this frame

Frame: https://karelia.business/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js
Frame ID: F2A8835C23FDADFFFB4CD5F5E0FCB44A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: CD71DC083681FC8094539D2D7E634C8A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5554609003873316&output=html&adk=85976724&adf=3412083302&abgtt=6&lmt=1726074543&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fkarelia.business%2F%3Fmtm_campaign%3Ddomain%26mtm_kwd%3Damerisbank&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&itsi=-1&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726074544484&bpp=3&bdt=718&idt=375&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1842152919970&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086853%2C44795921%2C95338229%2C95341662%2C95342032%2C95335247%2C95341670&oid=2&pvsid=1299880532715919&tmod=2024903547&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1100%2C1100%2C1100%2C1100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=399
Frame ID: 990804317507A7054C64DB40EBF97123
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5554609003873316&output=html&h=280&adk=1210504359&adf=2855449038&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1726074543&rafmt=1&to=qs&pwprc=7432359567&format=1200x280&url=https%3A%2F%2Fkarelia.business%2F%3Fmtm_campaign%3Ddomain%26mtm_kwd%3Damerisbank&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726074546288&bpp=3&bdt=2522&idt=-M&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=1842152919970&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086853%2C44795921%2C95338229%2C95341662%2C95342032%2C95335247%2C95341670&oid=2&pvsid=1299880532715919&tmod=2024903547&uas=0&nvt=1&fc=1920&brdim=1100%2C1100%2C1100%2C1100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Frame ID: 2D3C4A84FF5C7026F69EB8DEBABA3F53
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5554609003873316&output=html&h=90&adk=793707805&adf=1175361054&pi=t.aa~a.3822907434~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1726074543&rafmt=1&to=qs&pwprc=7432359567&format=1200x90&url=https%3A%2F%2Fkarelia.business%2F%3Fmtm_campaign%3Ddomain%26mtm_kwd%3Damerisbank&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726074546288&bpp=1&bdt=2522&idt=0&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1842152919970&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086853%2C44795921%2C95338229%2C95341662%2C95342032%2C95335247%2C95341670&oid=2&pvsid=1299880532715919&tmod=2024903547&uas=0&nvt=1&fc=1920&brdim=1100%2C1100%2C1100%2C1100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=12
Frame ID: A3D3D013CF66F6B976637946893DC871
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31F6FA0E2BA7407C68196793C18F06D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Республика Карелия

Page URL History Show full URLs

  1. http://amerisbank.ru/ HTTP 307
    https://amerisbank.ru/ HTTP 301
    https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

27
Requests

93 %
HTTPS

40 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

398 kB
Transfer

1313 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://amerisbank.ru/ HTTP 307
    https://amerisbank.ru/ HTTP 301
    https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://karelia.business/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://karelia.business/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
karelia.business/
Redirect Chain
  • http://amerisbank.ru/
  • https://amerisbank.ru/
  • https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
40 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059aa9589e05605eae0c02ae743a1ca1d7399118f497797823a3f3491e8dbf1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8c1943694f169249-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 11 Sep 2024 17:09:03 GMT
expect-ct
max-age=86400, enforce
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Wed, 11 Sep 2024 17:09:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rG2jX2s5bc%2F8%2FN%2BBOaUr1X2xDGIz9KIp%2FhOZ5466zn5jH9ryxyWtGBv4dQgzfAKJqhnbtGeKKWEjocCBXXwKdPe3QQ7PwuvaRRy3ZzxFNyeiNvoYIh6YVuFI%2FHbboTkqt69n"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8c1943682a4dd289-FRA
content-length
167
content-type
text/html
date
Wed, 11 Sep 2024 17:09:03 GMT
expect-ct
max-age=86400, enforce
expires
Wed, 11 Sep 2024 18:09:03 GMT
location
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKJ2Kv769d3jFCmwDXAE6%2B37DEbct0u6UAQCM6x58v75SbEL%2BUZbY%2B7d%2BbzL3rVzOJNtcEViojm1hJ8l54Usf%2F%2BRR2Ih3bQS1xrlSbCRj8XHjJEkxf3oHmD7IArpxOF7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css.php
karelia.business/ 		318 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://karelia.business/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Avariations.less%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1725618801&k=e5ceb95935d7b99f8b03221e5d86a5ea7c76df78
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7049d50b2bc6caf925638156af648650da3fb11a2733d7cfe412be0870b27c31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 06 Sep 2024 10:33:21 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pl8E893roxfR3bqezguC%2F5yCxG5KdIY9xIJMdlQmqCQVlzyykOhEaMrWnn%2BT3gePekZjFphuqLGbNYADesXL%2FOzOgSQ4p19sfbbyQwjV8ReKX49zvVDNZnCiPd5wlznmJ%2F%2Fa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
8c19436aa9109249-FRA
expires
Thu, 11 Sep 2025 17:09:03 GMT
css.php
karelia.business/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://karelia.business/css.php?css=public%3Anode_list.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Aextra.less&s=1&l=1&d=1725618801&k=aa165b5702375360f4dfdc587f0dd2e6b637ff91
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5e06b26613b7fb72939f34061f387507610dcc7168483b02763e9e8e9992cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 06 Sep 2024 10:33:21 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqh10yQerlo4d3PzZcBa0uUBcQ74wH%2FIN%2BmF2C5zqXmRR%2BekG%2BzwfDX2MS8lBjaKp7vLy1%2BCB8S0dwxdo7H%2Fr4Z%2Bp8Za%2B4Y2UC01QW56tYW2rdV6Mp%2F8cYof0Z0rWoVIRy2f"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
8c19436aa9159249-FRA
expires
Thu, 11 Sep 2025 17:09:03 GMT
preamble.min.js
karelia.business/js/xf/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karelia.business/js/xf/preamble.min.js?_v=fcd6dbb1
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c160ff00e36313ba7c2c7736baf0a4cb2c769fa5024f21fb49897f48fd7208
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 09:45:34 GMT
server
cloudflare
etag
W/"ed1-61fb5b4418b80"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5BZybpJydrLf3gYa54TnmyZ2xGAp3My%2BToeG6aWAQxJceV4zZ2EvAWq4BUI3ev37SojY9JdCItdquMqmyYE1c8v62%2BapT12yKqKeDPh0wJ2GKjBBxelbl1jsP2LAW8kReva"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436aa91a9249-FRA
vendor-compiled.js
karelia.business/js/vendor/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karelia.business/js/vendor/vendor-compiled.js?_v=fcd6dbb1
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40370aee49c7a9cde80f64b5d8373f1bfe3c3de64f855cec1e8ef1afb3767f24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 09:45:34 GMT
server
cloudflare
etag
W/"3959-61fb5b4418b80"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULlRYs2F2qFF97tNgJsfoiZGczqmaOgdY8rfInrCJCjKseyGUo2Nn2xCg43jWvLQlVkVSszem7sqC1yvWSSPdUhVQVUl0EJdAvrtzbYfpTbrxhIETr1mKLYUUhc6LsMj87Tk"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436b49f59249-FRA
core-compiled.js
karelia.business/js/xf/ 		172 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karelia.business/js/xf/core-compiled.js?_v=fcd6dbb1
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10d77ff4d2c453ca72e414e3ce9a42e7f71b9d840fa4df2acf95e0fa6a879c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6210
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 06 Sep 2024 10:31:21 GMT
server
cloudflare
etag
W/"2aef7-62170e8803efa"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qn4umqKGTqLX95p49L7zRn9EAR8ruGJemxMv2KCB2t%2BJhgD%2Bwz7XzPdQO9%2BBjl6LVZsmb443TbhEbjwti6lQ11i1L7rvPUrlNsiIuJrfUZFGTh7Pgq6pc3PjDG1%2FZO9CNpR8"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c2b1e9249-FRA
96d6f2e7e1f705ab5e59c84a6dc009b2.svg
karelia.business/data/assets/logo_default/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/data/assets/logo_default/96d6f2e7e1f705ab5e59c84a6dc009b2.svg
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817b27f96c87e6acac021d2c1dec1b28c24fae6649b9a353b34d2cf704ae1b67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 10:08:39 GMT
server
cloudflare
etag
W/"17d6-61fb606dc638d"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F129EQeqtBwE9tyN21mLwwccCajvPpZir%2BfnkhfjYOQ1xYCHnhrbPOBl0EYpIOeaC9tPiW9pY2MH3MXne6SbDgTHIigwWD4sz%2FBB0c74uKouW5LfCDWaV9I6pURxJXgTcmWB"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c3b2f9249-FRA
regular.svg
karelia.business/data/local/icons/ 		119 KB
39 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://karelia.business/data/local/icons/regular.svg?v=1725618805
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e53abd0b302deb021bd5236e4094feade6a7fab6759102e87692e603c6fa67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 06 Sep 2024 10:33:25 GMT
server
cloudflare
etag
W/"1ddda-62170efe9742d"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YalM7%2Fiik6boQgM%2B7UTpbUZW4zhAFwMNfyGEUzuAuDEVpjIxO8f6GN01drE%2F2iNbgnTlQNLOLyV%2FP36SH%2BQT4gy%2FFkjk5w6m3ADNcmpk2mNbdA7vvHKtvspgY%2FOyUwbRv6P"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c4b4d9249-FRA
brands.svg
karelia.business/data/local/icons/ 		8 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://karelia.business/data/local/icons/brands.svg?v=1725618805
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2ef91a642fd78bbca05750f5d3e3a9b97cf3edf0f8818f78aed8aecac3a1f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 06 Sep 2024 10:33:25 GMT
server
cloudflare
etag
W/"1ea6-62170efe95105"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nIkSpTy9eSRIGT7KFLnM%2FAHpWRrbfvuC9afkSKFd2JYj67EmUENAZYcnOMlLNDqG%2FZnfy5yhGat39DnNrge4mtSj6RLGmReHep3Ht0LwT76yt8Z446VYZ8Hi1uIfqXpPaB%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c4b529249-FRA
96d6f2e7e1f705ab5e59c84a6dc009b2.svg
karelia.business/data/assets/logo_default/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/data/assets/logo_default/96d6f2e7e1f705ab5e59c84a6dc009b2.svg
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817b27f96c87e6acac021d2c1dec1b28c24fae6649b9a353b34d2cf704ae1b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 10:08:39 GMT
server
cloudflare
etag
W/"17d6-61fb606dc638d"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F129EQeqtBwE9tyN21mLwwccCajvPpZir%2BfnkhfjYOQ1xYCHnhrbPOBl0EYpIOeaC9tPiW9pY2MH3MXne6SbDgTHIigwWD4sz%2FBB0c74uKouW5LfCDWaV9I6pURxJXgTcmWB"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c3b2f9249-FRA
caret-down.svg
karelia.business/styles/fa/solid/ 		336 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/styles/fa/solid/caret-down.svg?v=5.15.3
Requested by
Host: karelia.business
URL: https://karelia.business/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Avariations.less%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1725618801&k=e5ceb95935d7b99f8b03221e5d86a5ea7c76df78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c646a34e33db483f472aaa93b45a1c8a572233816bedabd17b01dc94b48ec457
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Avariations.less%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1725618801&k=e5ceb95935d7b99f8b03221e5d86a5ea7c76df78
Origin
https://karelia.business
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 09:45:35 GMT
server
cloudflare
etag
W/"150-61fb5b450cdc0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0G5XlE38Kd77MGClNtlYvK0HeSHCIwJEC8DURe9SRjKkGBriaVs%2FEFIiZTRnx%2BiXzHYor%2FtRQLnjm7z005UP%2B%2FmLuE%2FyoH1I%2B%2BczFlOmAmR3O6ibBdlJKxP%2Bh16RdMBWdvmu"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c7b6e9249-FRA
search.svg
karelia.business/styles/fa/regular/ 		554 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/styles/fa/regular/search.svg?v=5.15.3
Requested by
Host: karelia.business
URL: https://karelia.business/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Avariations.less%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1725618801&k=e5ceb95935d7b99f8b03221e5d86a5ea7c76df78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b388553a2cff2aec9a33a20e3010e38432e473f3c2f396eddb1ef056c79c8719
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Avariations.less%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1725618801&k=e5ceb95935d7b99f8b03221e5d86a5ea7c76df78
Origin
https://karelia.business
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 09:45:35 GMT
server
cloudflare
etag
W/"22a-61fb5b450cdc0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2m2OgJN0t9%2BsUFz5lwaAcum%2FYpXpgyA8nZP57Ops4F6%2FrZw%2B9vBJ%2Bvm2oyAJCz7uUgm3GgOFSbkUdi05l9gGp91ZPFY6zYKrHnB9tOGcjdhu008DnTdvsbzm6AGyfzlJuf6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c7b719249-FRA
angle-right.svg
karelia.business/styles/fa/regular/ 		400 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karelia.business/styles/fa/regular/angle-right.svg?v=5.15.3
Requested by
Host: karelia.business
URL: https://karelia.business/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Avariations.less%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1725618801&k=e5ceb95935d7b99f8b03221e5d86a5ea7c76df78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855a08501b8e0226e8ce55de5baac401f33d8a25f65e0a05e0e110ae292aadfc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Avariations.less%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1725618801&k=e5ceb95935d7b99f8b03221e5d86a5ea7c76df78
Origin
https://karelia.business
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 09:45:35 GMT
server
cloudflare
etag
W/"190-61fb5b450cdc0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFtFf4eC4SZpTxrJl0yj9oie4lk74LpPqB6Qtl%2FD9eNfwqS4WMekQUPl39t%2F2kT7oe%2Bof%2FBVk1LZkaGH%2FLGJz4rPtzJWjqDqAYHy4ySLYMaVRsoWObR9tcuXzVxwf0wbZbhS"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19436c7b769249-FRA
main.js
karelia.business/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/ Frame F2A8
Redirect Chain
  • https://karelia.business/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://karelia.business/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js?
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dadb2bcf24c4bd68d51aa92c2ce19df961f902cb646b00957d9a4b8a1547a74c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmkKq3HRGTBFTjydB%2FCJJFOfoO%2FGVHqsBX9gBp49vU3Z40fVY3MUs6E4FKrTAyHFUbnIOJTlSC2TuPXjLsfJto6XjIzsrTzyKYAsc%2FiZaYRv7FWx3hjLMYSR49caaMGAhT5Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c19436d6ce69249-FRA

Redirect headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQl04ZU%2F95r3A%2FtdpK4bwhW2fRpIgxBuA7tkCUvgs8iWG3pEPvIkvG6XgitesATr2eLHD22n0pg8aamOtV3FXhb1UWQ12%2F5kL9yiYaHJ0P4EAdM%2FrbrMHe8aGROM0rwSvlyG"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
x-frame-options
SAMEORIGIN
cf-ray
8c19436d0c6f9249-FRA
s.js
karelia.business/cdn-cgi/zaraz/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJUQwJUEwJUQwJUI1JUQxJTgxJUQwJUJGJUQxJTgzJUQwJUIxJUQwJUJCJUQwJUI4JUQwJUJBJUQwJUIwJTIwJUQwJTlBJUQwJUIwJUQxJTgwJUQwJUI1JUQwJUJCJUQwJUI4JUQxJThGJTIyJTJDJTIyeCUyMiUzQTAuMTc4OTM1MjUxMjA5MDg2OTMlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmthcmVsaWEuYnVzaW5lc3MlMkYlM0ZtdG1fY2FtcGFpZ24lM0Rkb21haW4lMjZtdG1fa3dkJTNEYW1lcmlzYmFuayUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBLTEyMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7cf05aa9fd1e4d8c9e9bcdf12dc49d8cce782855eec641f5804049db143f4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://karelia.business
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dd%2F%2FMHKlR5CzvHYghMaPJ6kn1jzHV7tsYXP%2BPutJmtCOP%2B2bO8%2BD5zjnrbNxVpRZmiwUrsFzMBpXEZbvl9pc5FewX9eJbNrgUBHH42c7gA2JeW%2Bgj3kql4jaIqLYGeC9eadu"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-robots-tag
none
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
cf-ray
8c19436d0c779249-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5554609003873316
Requested by
Host: karelia.business
URL: https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
26b23a9400233c9cf118a115c21a3813c543c3068500c6c8a69a9ae6484cf3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://karelia.business
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52045
x-xss-protection
0
server
cafe
etag
14846535575192130848
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 11 Sep 2024 17:09:04 GMT
8c1943694f169249
karelia.business/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F2A8 		0
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://karelia.business/cdn-cgi/challenge-platform/h/g/jsd/r/8c1943694f169249
Requested by
Host: karelia.business
URL: https://karelia.business/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kgFRjrIuTbnew7KI45o3w9uJSUgVC3bgOhIozQJ91WHVGtg12JnlWtatKqE9EoJ3K0Dy8i3N%2Bn2oJBCIhd5nJUfjOyizcmM03F00X5GwT%2BilkxcXtaQt4Ht0QkArQUzJaat"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8c19436e5e989249-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/ 		417 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5554609003873316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8163e6bbd85643bce430cc450663e0d57bfe6cd138e00760762df47fe21fdaa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143428
x-xss-protection
0
server
cafe
etag
2838597454566372926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 11 Sep 2024 17:09:04 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240905/r20110914/ Frame CD71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
18318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Sep 2024 12:03:47 GMT
etag
5947459844715414650
expires
Wed, 25 Sep 2024 12:03:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 9908 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5554609003873316&output=html&adk=85976724&adf=3412083302&abgtt=6&lmt=1726074543&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fkarelia.business%2F%3Fmtm_campaign%3Ddomain%26mtm_kwd%3Damerisbank&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&itsi=-1&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726074544484&bpp=3&bdt=718&idt=375&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1842152919970&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086853%2C44795921%2C95338229%2C95341662%2C95342032%2C95335247%2C95341670&oid=2&pvsid=1299880532715919&tmod=2024903547&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1100%2C1100%2C1100%2C1100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=399
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
5107
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Sep 2024 17:09:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240905&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9e564fe58d6afb73fef9a3610632010bea6baec307a45eef7062981e49463e37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12883
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 2D3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5554609003873316&output=html&h=280&adk=1210504359&adf=2855449038&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1726074543&rafmt=1&to=qs&pwprc=7432359567&format=1200x280&url=https%3A%2F%2Fkarelia.business%2F%3Fmtm_campaign%3Ddomain%26mtm_kwd%3Damerisbank&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726074546288&bpp=3&bdt=2522&idt=-M&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=1842152919970&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086853%2C44795921%2C95338229%2C95341662%2C95342032%2C95335247%2C95341670&oid=2&pvsid=1299880532715919&tmod=2024903547&uas=0&nvt=1&fc=1920&brdim=1100%2C1100%2C1100%2C1100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Sep 2024 17:09:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame A3D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5554609003873316&output=html&h=90&adk=793707805&adf=1175361054&pi=t.aa~a.3822907434~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1726074543&rafmt=1&to=qs&pwprc=7432359567&format=1200x90&url=https%3A%2F%2Fkarelia.business%2F%3Fmtm_campaign%3Ddomain%26mtm_kwd%3Damerisbank&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726074546288&bpp=1&bdt=2522&idt=0&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1842152919970&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086853%2C44795921%2C95338229%2C95341662%2C95342032%2C95335247%2C95341670&oid=2&pvsid=1299880532715919&tmod=2024903547&uas=0&nvt=1&fc=1920&brdim=1100%2C1100%2C1100%2C1100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
308
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Sep 2024 17:09:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5554609003873316&plah=karelia.business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 17:09:06 GMT
baec6461b0d69dde1b861aefbe375d8a.svg
karelia.business/data/assets/logo/ 		928 B
952 B 		Other
General
Check archive.org
Download Go to
Full URL
https://karelia.business/data/assets/logo/baec6461b0d69dde1b861aefbe375d8a.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d0a0064158b1a40dcbb70a6af30b453e742dc8d70bb78ab64eadfba14e6131
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karelia.business/?mtm_campaign=domain&mtm_kwd=amerisbank
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 17:09:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Aug 2024 10:09:04 GMT
server
cloudflare
etag
W/"3a0-61fb60851fec9"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ni6cRF%2F862pACnKveNOzUT%2FEkfipPN2NM3NYnVbqyL6G44qs3zafMBsdCwBCYBzNd8aaYkG9Mii%2FQl%2FdP3aiVOxpPJPQw4gve%2BVw8j3Q%2BLT1Sb5OAd2bNLmjtowicwyB1Ct8"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8c19437aaf589249-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
106161
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 11:39:45 GMT
expires
Wed, 10 Sep 2025 11:39:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240905&jk=1299880532715919&bg=!QkGlQQ7NAAYJ21f7Kds7ADQBe5WfOGXNbTHwlBK2bDznYOspq9q83vCjfqUS-tsvJxWp_MtLec4k0pMewo4BVV5MdOP-AgAAAFtSAAAAA2gBB34ANt4SQN9x9AhsAvEquNcjdusHCKuQQDCFPEQjLsi7K6Nbwd1aXFYHKq_jo9pixr-alYvBD6IK0QoAU6rPRKAWyzgUxNyFRzb19LDT6bv00rtWQzCsXdDmFWf7ugcGEJ2mgp56R6NjT41mIbZujYcdkQwIv5jhTQ-ZlwPL8EHz8khLpvSdWMf146DvrGGjmQKqKXgvyEZm8jiTT8v4usuuHlXsXGxl7uS-oLECGYiozNHRCByptSeAOU0NHxMxehz9fkkaZFAaZk5inSXez75Z9RvR2BuW8MxUoNFAsoaolxNXf_lLmYVtoH6wsUyF3XvZOfk_DZbfokSkYwIV8MEm0_68aIFF9kcNDBvpgcKNHSDQtyztnOxknkM0NNfjdrLie69nlziAgG-w6mkp_oMhCq7IPfIEjkRhp-UYaHJlFEsWgZiII_kkZAvbJUEAZTLle3vxAI6PZy4W99l3TNBX2m3iqd-pzt9nkUV_ZYlC45E3_GPDYF95quH1afP-19TyspbagIKKjMB0KCbg7wGbXR0lqbebQv4GhEsopwzXOfNgHy1aMAUX3DrMppfuB1qTXV_tFJdc_4WvJSHJFh9WkiEEJ2sWd7jIK35qnunskajtInBof8vDM2iosTNkaRkLfkEPkrtW2j5tuflJoCILVCdDZDx59ie5zcxDJ5w09V2toOl51DscbihkYqcN2KwHLj1rg7tWIKaAgZFS-YNbJ-0UpVpp6y_S2jqD2WYXx6jfk7Uo1KrRyV81g8yLaPqF2H-f98eQ5fpigyTXujHWB5X-ZxrGtZ9S_cRinrIxY3VqO3xt4Xbf7lfC5Ai1ewFah02MjrLjp3I2oksRk4NoLGEJqNCoA8CC7iaf3M5qCyzk7puipzjer1gOZNu63ynHEMlRRewHuWY9aIF2omFBqfNxGpiH4SJC7Aj_Sh0ZIEm8U7L0XwuUDbp7gXfEKPN74DZOF6_mndXhi7ufl-s68kZW96LmAxPUPDu5JMgAstwooICZVR1C7yeVbFYJF-jkI58-RUD-xC8ko1aWvYrSDbAiD8WAnqhaaCbJLTJU567OOe5FSXMxw0tw8sKRQhYd3T98DRtI83v6jg

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| XF object| zarazData object| zaraz object| Mustache function| autosize object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue object| google_ad_modifications object| ggeac number| tmod object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
karelia.business/ Name: xf_csrf
Value: DYfIYskw5oixEyuz
.karelia.business/ Name: cf_clearance
Value: U0GDtgCEi.TSGNLB0lCPWd7rv9GJHmAWFH8VHjqITfw-1726074544-1.2.1.1-BpLmU3xQE46KMXbbvf2_F7EeVdd_ZhqdOtShb4iHEb5ed_s3vCCnoE5hAThpb3HYPZ8dyPX3aDyNYsCv7cZq5pRT3jppvfGjTpzjf2rUQLO9mp2Q0H.CitWoGAgfhxZuhEnJHb7cZqbZBd2B9diiDU73zDiSqTKgKJp3FZU5xVZaVfYxmf.XTbpaK3yzHs0qJ9DyqvyuFLMNXuMusrfVtk6k9p.O_crHJAdq_MTP281OG1MblsRKL7R0kFth7aEatqX94VHRSRfbstezDdTyVh.qk.OKM9SkxzN9HM00Mi0nRSLcJgElgTfNdnxC_YvuGUqQoajrZi9SMfjsBbseduF0SqKMKTdmNN1w7Aq0eZVPYziP5g4wclKd4nAof1nK
.karelia.business/ Name: __eoi
Value: ID=a7b6f4d19c8c8814:T=1726074546:RT=1726074546:S=AA-AfjZ1RPPe6zb6l8ro0b_a0uHI

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amerisbank.ru
karelia.business
pagead2.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
142.250.186.66
172.67.146.184
188.114.96.3
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
059aa9589e05605eae0c02ae743a1ca1d7399118f497797823a3f3491e8dbf1d
26b23a9400233c9cf118a115c21a3813c543c3068500c6c8a69a9ae6484cf3f6
40370aee49c7a9cde80f64b5d8373f1bfe3c3de64f855cec1e8ef1afb3767f24
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f7cf05aa9fd1e4d8c9e9bcdf12dc49d8cce782855eec641f5804049db143f4b
7049d50b2bc6caf925638156af648650da3fb11a2733d7cfe412be0870b27c31
7d5e06b26613b7fb72939f34061f387507610dcc7168483b02763e9e8e9992cf
8163e6bbd85643bce430cc450663e0d57bfe6cd138e00760762df47fe21fdaa6
817b27f96c87e6acac021d2c1dec1b28c24fae6649b9a353b34d2cf704ae1b67
855a08501b8e0226e8ce55de5baac401f33d8a25f65e0a05e0e110ae292aadfc
9e564fe58d6afb73fef9a3610632010bea6baec307a45eef7062981e49463e37
b388553a2cff2aec9a33a20e3010e38432e473f3c2f396eddb1ef056c79c8719
b5d0a0064158b1a40dcbb70a6af30b453e742dc8d70bb78ab64eadfba14e6131
c646a34e33db483f472aaa93b45a1c8a572233816bedabd17b01dc94b48ec457
c6c160ff00e36313ba7c2c7736baf0a4cb2c769fa5024f21fb49897f48fd7208
d10d77ff4d2c453ca72e414e3ce9a42e7f71b9d840fa4df2acf95e0fa6a879c3
dadb2bcf24c4bd68d51aa92c2ce19df961f902cb646b00957d9a4b8a1547a74c
e2e53abd0b302deb021bd5236e4094feade6a7fab6759102e87692e603c6fa67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2ef91a642fd78bbca05750f5d3e3a9b97cf3edf0f8818f78aed8aecac3a1f6