ds761tbf-pl.fina.guru Open in urlscan Pro
172.67.70.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ds761tbf-pl.fina.guru/go_to/?offer=pl_feniko_mfo_652_af
Effective URL:
https://ds761tbf-pl.fina.guru/
Submission: On November 09 via api (November 9th 2024, 10:10:28 am UTC) from US — Scanned from PL

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 51 HTTP transactions. The main IP is 172.67.70.42, located in United States and belongs to CLOUDFLARENET, US. The main domain is ds761tbf-pl.fina.guru.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.

This is the only time ds761tbf-pl.fina.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 22	172.67.70.42 172.67.70.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
4	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
7	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
4	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
51	13

22 172.67.70.42 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ds761tbf-pl.fina.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	fina.guru 2 redirects ds761tbf-pl.fina.guru	147 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	481 KB
9	google.com www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 region1.analytics.google.com — Cisco Umbrella Rank: 4401	130 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	229 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	240 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	6 KB
1	google.pl www.google.pl — Cisco Umbrella Rank: 29079	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	558 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	30 KB
51	10

	Domain	Requested by
22	ds761tbf-pl.fina.guru	2 redirects ds761tbf-pl.fina.guru static.cloudflareinsights.com
7	fonts.gstatic.com	ds761tbf-pl.fina.guru fonts.googleapis.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	www.google.com	ds761tbf-pl.fina.guru www.gstatic.com www.googletagmanager.com
4	pagead2.googlesyndication.com	ds761tbf-pl.fina.guru pagead2.googlesyndication.com
3	www.googletagmanager.com	ds761tbf-pl.fina.guru www.googletagmanager.com
3	www.gstatic.com	ds761tbf-pl.fina.guru www.google.com
1	fonts.googleapis.com
1	www.google.pl	ds761tbf-pl.fina.guru
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	ds761tbf-pl.fina.guru
1	code.jquery.com	ds761tbf-pl.fina.guru
51	13

This site contains links to these domains. Also see Links.

Domain
tinyurl.com

Subject Issuer	Validity	Valid
fina.guru WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.pl WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ds761tbf-pl.fina.guru/
Frame ID: F8493B39823DEB43B992069A96ED2034
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=pl&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=i5j12req2ycc
Frame ID: B076FA391B98FEEBF8D596587F7D26A9
Requests: 1 HTTP requests in this frame

Frame: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: EC5E62BB176B49960DC1E2F450D93386
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fds761tbf-pl.fina.guru
Frame ID: 1EDCAE9453F02DD9D97B2E47D0303379
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pl&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G
Frame ID: E41B23B8211FBBC7C6A8347D7D2A0CF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ds761tbf-pl.fina.guru/go_to/?offer=pl_feniko_mfo_652_af HTTP 307
https://ds761tbf-pl.fina.guru/go_to/?offer=pl_feniko_mfo_652_af HTTP 302
https://ds761tbf-pl.fina.guru/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

51
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1269 kB
Transfer

3701 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tinyurl.com/2p96c6up
Title: Viber

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ds761tbf-pl.fina.guru/go_to/?offer=pl_feniko_mfo_652_af HTTP 307
https://ds761tbf-pl.fina.guru/go_to/?offer=pl_feniko_mfo_652_af HTTP 302
https://ds761tbf-pl.fina.guru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ds761tbf-pl.fina.guru/
Redirect Chain

http://ds761tbf-pl.fina.guru/go_to/?offer=pl_feniko_mfo_652_af
https://ds761tbf-pl.fina.guru/go_to/?offer=pl_feniko_mfo_652_af
https://ds761tbf-pl.fina.guru/

83 KB
19 KB

171ms
170ms

Document
text/html

172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25f045067e9e364e636f17d33894f47806732eb343486639546296faa75207b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dfd033c9e2c3bb5-WAW
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Sat, 09 Nov 2024 10:10:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTuggj2g%2FMxbNWHC2AK%2B6CAt5W1VX8X44kl8fLJyEnZklL8rPennmdx%2FPGUajTqGOevEbadjzD0wzSQWqBBsmvIZcwKtleFc8hhsPph0pGIQ%2BpnzygwxmfP6VEHBwZODHjdXE6fu7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=24062&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5077&recv_bytes=4910&delivery_rate=28291&cwnd=12000&unsent_bytes=0&cid=0613c72e0d16f664&ts=291&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding Cookie
x-content-type-options: nosniff
x-frame-options: ALLOWALL ALLOWALL

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dfd033becd53bb5-WAW
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Sat, 09 Nov 2024 10:10:22 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C8bvmqPC6k6PMvSVovEaI7gFDv5Sf4VqbPyZWqsVqWGmszyGqQRouXM451l%2BzeLh9Wszv5eUoTlK56nMA7N2bNnQiHgir98mFwomHFezWmci93NH%2FmGnNJ76eQn0Kfg%2FU2sqScPSag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=24097&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4301&recv_bytes=4517&delivery_rate=568&cwnd=12000&unsent_bytes=0&cid=0613c72e0d16f664&ts=120&x=1" cfExtPri cfHdrFlush;dur=0
x-content-type-options: nosniff
x-frame-options: ALLOWALL ALLOWALL

GET
H3 200 style.min.css
ds761tbf-pl.fina.guru/static/core/m4m/css/ 50 KB
8 KB 71ms
69ms Stylesheet
text/css 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/m4m/css/style.min.css

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6023e0f0-c8e9"
age: 1118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2FLe%2BLkn4gC%2BeNPobOSYnxTQKk2F1wKpLEy9etVA052IswzRfwygz1c0cxpeR7YUJNkZmuisH1MjRuijIJ9tOWdpEtlq30q9fl70a96ARWBCioUAjZyRael8hagtx%2FC3oixJPbq%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24515&sent=54&recv=27&lost=0&retrans=0&sent_bytes=48729&recv_bytes=7946&delivery_rate=73244&cwnd=26400&unsent_bytes=0&cid=0613c72e0d16f664&ts=376&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: text/css
last-modified: Wed, 10 Feb 2021 13:34:40 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: ALLOWALL
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033db82c3bb5-WAW
server: cloudflare

GET
H3 200 main.css
ds761tbf-pl.fina.guru/static/core/m4m/css/ 159 KB
28 KB 48ms
44ms Stylesheet
text/css 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b8add97fbfd7710e32d0ab792c17e0a30c491aff1fb1cf790b1dd084aa69d4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"63ff6483-27db1"
age: 1118
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qH4u637aIdPofo9VtDFxsn1oz2UC%2B19cKPC4WkZEQcrYzwINosAPOXJFUKNJvzQuwYWyJPDIcvyf0JFZWms0uwtasEXP3yOl2itg4Co5rcC4il0mtfFlwswZ3rHx9L4SKgf02w7eZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24400&sent=43&recv=25&lost=0&retrans=0&sent_bytes=37138&recv_bytes=7859&delivery_rate=296675&cwnd=24000&unsent_bytes=0&cid=0613c72e0d16f664&ts=354&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: text/css
last-modified: Wed, 01 Mar 2023 14:43:15 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: ALLOWALL
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033db8333bb5-WAW
server: cloudflare

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 436ms
42ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: W/"28feccc0-15851"
age: 1449314
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 45, 83827
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21965-LGA, cache-fra-eddf8230118-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1731147023.396186,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30638
server: nginx

GET
H3 200 main.js Show response
ds761tbf-pl.fina.guru/static/core/groshi/js/ 151 KB
48 KB 69ms
66ms Script
application/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/groshi/js/main.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01eda7f50e5a175644989807fc6c9e60d55d5d69bb50e80426b17b2750fd4fa

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"601d6b28-25a22"
age: 1118
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJZmYVJo%2BQ2S%2FlH7AITHPb3iLQRMEsPxnaxPUnuG4z%2BeizldBT2YZ0UPRkK8EHX5WcYpmepZNRT5xcNll5xMX5FpSVslJsT8QZFTqXvWwjEDcPPT%2BY%2BmsLngYZeqnct32lI5exbtVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=154146
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24400&sent=53&recv=25&lost=0&retrans=0&sent_bytes=48301&recv_bytes=7859&delivery_rate=296675&cwnd=24000&unsent_bytes=0&cid=0613c72e0d16f664&ts=357&x=1", cfExtPri, cfHdrFlush;dur=19
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Feb 2021 15:58:32 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: ALLOWALL
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033db8363bb5-WAW
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
53 KB 171ms
74ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8f6df34863028d34b9d403ae0045a73d94b601af0c1b5d2a551470bae2617669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer

Response headers

content-encoding: br
etag: 14077825021399428607
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 10:10:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53883
x-xss-protection: 0
server: cafe

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.10.1/ 22 KB
7 KB 95ms
42ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.1/firebase-app.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

7928369a406440002cb4b79ce79e2374bb580a6f189a16db2e400cdfa80e3130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 239136
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:44:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:44:47 GMT
last-modified: Fri, 28 Jan 2022 20:19:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7003
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.10.1/ 40 KB
11 KB 100ms
47ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.1/firebase-messaging.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 240393
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:23:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:23:50 GMT
last-modified: Fri, 28 Jan 2022 20:19:08 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10881
x-xss-protection: 0
server: sffe

GET
H3 200 firebase_subscribe.js Show response
ds761tbf-pl.fina.guru/ 5 KB
2 KB 42ms
40ms Script
text/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/firebase_subscribe.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6021f95f5d5d1483fbebf9552e64304494d27b5aad6c7b01f89076e11b1486a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL, ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GaIGJNL6IH0qGIGXmxI36lREeT0niW3fiO%2BgcbhRlUCbn2b8sHmVi9TeWSExJX%2B5XJwyY3uHnUdyYEjcq60ZTQ1cdzY7n7OMczHEFbfg9QndF3H%2BPcN5U5o4epTplXcpSiJjb49dgA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24400&sent=32&recv=25&lost=0&retrans=0&sent_bytes=24729&recv_bytes=7859&delivery_rate=296675&cwnd=24000&unsent_bytes=0&cid=0613c72e0d16f664&ts=352&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: text/javascript
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: ALLOWALL, ALLOWALL
last-modified: Sat, 09 Nov 2024 09:51:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
cf-ray: 8dfd033db8383bb5-WAW
server: cloudflare

GET
H3 200 Logo_Miloan_FvFmOyK_4gc8Aj1.jpg
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
3 KB 44ms
42ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Miloan_FvFmOyK_4gc8Aj1.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1b6ebc5894899b4f875b3f3962b33548c0b7944dbd77dec30ac1d8974e72cc

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "65e71954-46cf"
age: 1117
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ts%2BahTvZYbvJSKYY8RKfd7zA3a2j1D7bFy50s9xeMjvjS7lvnueyD7cLnmS91mBqBg3vi8Dw3h6CR2k0dY3lBuBjHr5kjJII%2B8NtP%2Bi%2Bm6pByKCZnicxcIl6Ze48hRqpDXNQALW5fA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=18127
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24400&sent=40&recv=25&lost=0&retrans=0&sent_bytes=33863&recv_bytes=7859&delivery_rate=296675&cwnd=24000&unsent_bytes=0&cid=0613c72e0d16f664&ts=353&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="Logo_Miloan_FvFmOyK_4gc8Aj1.webp"
vary: Accept
priority: u=2,i
x-frame-options: ALLOWALL
last-modified: Tue, 05 Mar 2024 13:08:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033db83a3bb5-WAW
accept-ranges: bytes
content-length: 2444
server: cloudflare

GET
H3 200 Logo_Solcredit.pl.png
ds761tbf-pl.fina.guru/media/data/media/ 6 KB
7 KB 45ms
43ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Solcredit.pl.png

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1226da68e0549112fa7d39361b1a9700b049a4309bfb82d302fef94fb5b91464

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66c48ed8-244d"
age: 1117
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0ixnBbbLN818mBDWCamR4uItU38MjpJCti7bbioUUsIr6Qi%2BTK3ktALthsJXTmLQ5T3kGwQNVKAJhznf00DJO7tqogalkcgLjvS4LWyF46lDjrqlfEvIqeZKkDKGY0LFoyiEM6%2B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=9293
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24400&sent=34&recv=25&lost=0&retrans=0&sent_bytes=26910&recv_bytes=7859&delivery_rate=296675&cwnd=24000&unsent_bytes=0&cid=0613c72e0d16f664&ts=353&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="Logo_Solcredit.webp"
vary: Accept
priority: u=2,i
x-frame-options: ALLOWALL
last-modified: Tue, 20 Aug 2024 12:40:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033db83d3bb5-WAW
accept-ranges: bytes
content-length: 6070
server: cloudflare

GET
H3 200 Logo_Vivus.png
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
3 KB 47ms
46ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Vivus.png

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cf9e8037b2fa748ab852a77bed93aed22371cbe734982d23715c14953a34a5d

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66c48eb8-12a7"
age: 1117
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4auVpQ23Ytsi9YXPkndzULjjHpgyIVs7X2cMFVFldPAF9Bbch%2FUg0cw6GWGhnj3xLSBwyYK4VhAC%2Bs0xxHVapSb%2Fb5u%2FyWF3LLOJzWIcHInmyovrNsWrnJb%2F8lM5OZ8FyODonPvfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4775
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25574&sent=96&recv=38&lost=0&retrans=0&sent_bytes=93901&recv_bytes=9278&delivery_rate=673766&cwnd=45600&unsent_bytes=0&cid=0613c72e0d16f664&ts=397&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="Logo_Vivus.webp"
vary: Accept
priority: u=2,i
x-frame-options: ALLOWALL
last-modified: Tue, 20 Aug 2024 12:40:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033e08bc3bb5-WAW
accept-ranges: bytes
content-length: 2302
server: cloudflare

GET
H3 200 Logo_FenikoPL_5czaZO7.jpg
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
3 KB 47ms
47ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_FenikoPL_5czaZO7.jpg

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8163fb5039177560b2da8c13dcd96a2df8ca9e68fc6533bcb991a465703c40c2

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "663b2e5b-4a5b"
age: 1117
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZEZU6STgqv7e9QSUTWI6t1iFLcs6UcDQDe2Ryy5LEM4%2FcwnGKLfIg%2BYzBHunNuL4pHraue%2BHFtyoleFtgAK%2BGguGMvpk%2BDlWxhBzyn99EkNaxh80Y9x8TMRYaQ7%2BLGh5sMjuH%2BqQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=19035
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25574&sent=96&recv=38&lost=0&retrans=0&sent_bytes=93901&recv_bytes=9278&delivery_rate=673766&cwnd=45600&unsent_bytes=0&cid=0613c72e0d16f664&ts=397&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="Logo_FenikoPL_5czaZO7.webp"
vary: Accept
priority: u=2,i
x-frame-options: ALLOWALL
last-modified: Wed, 08 May 2024 07:48:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033e08c03bb5-WAW
accept-ranges: bytes
content-length: 2230
server: cloudflare

GET
H3 200 Logo_Net_Credit.png
ds761tbf-pl.fina.guru/media/data/media/ 4 KB
5 KB 47ms
43ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Net_Credit.png

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6efeb17ba9975bde65b7c0e2db15aa529b4201a6d92ecd1887be5d62eaac5354

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66c48ef9-1b3c"
age: 1117
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJr7u30X6m71ghVM4Rpxb5pHtyP8du3HFv8KP1CB8NLKNCjktO4y%2ByOWXr6pSEQUPmIT1sD8jBCvJSvCaEiJYvw1KY%2BJwryQafO3kK2YGgChQROog%2BjuHxvRcd4Io05MXs3mZGeiQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=6972
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24970&sent=133&recv=68&lost=0&retrans=0&sent_bytes=132214&recv_bytes=11025&delivery_rate=1228136&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=453&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="Logo_Net_Credit.webp"
vary: Accept
priority: u=2,i
x-frame-options: ALLOWALL
last-modified: Tue, 20 Aug 2024 12:41:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033e597b3bb5-WAW
accept-ranges: bytes
content-length: 4154
server: cloudflare

GET
H3 200 Logo_SMART.png
ds761tbf-pl.fina.guru/media/data/media/ 3 KB
4 KB 40ms
39ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_SMART.png

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df320e7de561d0487df9224085d0485e33aa0e7f054d25be29ef54ea0f12b785

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66c48f44-17c4"
age: 1117
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YwWRg3u6bsmctyM%2BEJnqRpTYE3slIdE6yn4HLqdfGfc7Je1IbhCIHQym0i6XcY2BYYfeDt840XEjLo2eh06OChAt%2F%2B1RsySMgwFyUmKp6mySSIXyHN3X1Ctz%2FDr6E1ZUzqdY23FHQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=6084
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25041&sent=145&recv=72&lost=0&retrans=0&sent_bytes=141515&recv_bytes=12390&delivery_rate=34179&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=795&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="Logo_SMART.webp"
vary: Accept
priority: u=3,i
x-frame-options: ALLOWALL
last-modified: Tue, 20 Aug 2024 12:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd03408d953bb5-WAW
accept-ranges: bytes
content-length: 3250
server: cloudflare

GET
H3 200 Logo_Zaplo.pl.png
ds761tbf-pl.fina.guru/media/data/media/ 2 KB
3 KB 43ms
42ms Image
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Logo_Zaplo.pl.png

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea72eb08bb5d6bcdfb76f907fcea9b26875526153d87c10278f6f3648a91283

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66c48f1b-11b3"
age: 1117
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwNlVbBVe35fE0Nj%2FktAxWfeyKyKpakLODIsx9SAzKbBwne8AgmQLjzD1lGHA8JnxilZVQjKco8Ln86Iv%2FB8Jn%2FNcaoalSbygZGJ8uKKujyhqT%2F4H0M4KEsO%2BH8vPkyIY9DB4DVieg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4531
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25041&sent=151&recv=74&lost=0&retrans=0&sent_bytes=145651&recv_bytes=13284&delivery_rate=34179&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=819&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="Logo_Zaplo.webp"
vary: Accept
priority: u=3,i
x-frame-options: ALLOWALL
last-modified: Tue, 20 Aug 2024 12:42:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd0340add83bb5-WAW
accept-ranges: bytes
content-length: 2234
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 146ms
55ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?renderer=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

64afac0d271c4982526ed9983b60d02062a198bc8c6ccf7359f01f67914f29df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 10:10:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 09 Nov 2024 10:10:23 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 jquery.maskedinput.js Show response
ds761tbf-pl.fina.guru/static/core/pozy4ka/js/ 6 KB
3 KB 49ms
48ms Script
application/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/core/pozy4ka/js/jquery.maskedinput.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03aff9ba10559a70ac312000ccfe9585b762f171283c53c3271d343080425093

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"622b117c-2c08"
age: 1118
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9hjiD8FhkyojG3Ffzj%2BXzzXD3zdBy9yVwM60x4iSN3DPw7GwfId%2BQYad2BBJc2h%2BoXr7GYpT4IpzVU%2FjRs43G%2BOtnDQjg9wZd5BITVBHJip2OQrPv56OTKlT%2Ffo%2FYFoc9hQLrCwbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=11272
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24854&sent=139&recv=69&lost=0&retrans=0&sent_bytes=137258&recv_bytes=11451&delivery_rate=112460&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=504&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 09:08:12 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: ALLOWALL
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd033eaa013bb5-WAW
server: cloudflare

GET
H3 200 email-decode.min.js Show response
ds761tbf-pl.fina.guru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
28ms Script
application/javascript 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672b8df5-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRAS%2BspDWZyv7KDUfYsivAjtWFhme7ANxTC%2BiOX2WzQKq00TOnjnThfpo7ijl8G%2FOuF2i3ggUeoi554H33S7HlT1xuNGjcHUdx%2FaKoyECzMkxiym7bniAd7C4xg6jjFrrsN5yYsHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8dfd033efa8d3bb5-WAW
expires: Mon, 11 Nov 2024 10:10:23 GMT
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 15:40:37 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 422ms
57ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8dfd0342ef9db1bb-WAW
access-control-allow-origin: *
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 319 KB
107 KB 461ms
65ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a216abc7888ead066b12831d754d3f5805602383d2d693b6a7cfc5aecbf1fb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 09 Nov 2024 10:10:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 09 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108428
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 recaptcha__pl.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 548 KB
217 KB 52ms
50ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__pl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?renderer=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

070dd5553f99b0252bf738829f1545f4506b5e7e53db38d8199471ee10189b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer

Response headers

content-encoding: gzip
age: 269244
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 07:22:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 07:22:59 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222358
x-xss-protection: 0
server: sffe

GET
H3 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 45 KB
24 KB 93ms
41ms Font
font/ttf 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: gzip
age: 238383
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:57:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:57:20 GMT
last-modified: Tue, 23 Jul 2019 03:46:34 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24295
x-xss-protection: 0
server: sffe

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 46 KB
24 KB 128ms
77ms Font
font/ttf 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: gzip
age: 239756
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:34:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:34:27 GMT
last-modified: Tue, 23 Jul 2019 03:47:02 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24632
x-xss-protection: 0
server: sffe

GET
H3 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 46 KB
24 KB 112ms
61ms Font
font/ttf 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: gzip
age: 240209
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:26:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:26:54 GMT
last-modified: Tue, 23 Jul 2019 03:46:43 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24405
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v14/ 45 KB
24 KB 95ms
45ms Font
font/ttf 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/static/core/m4m/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer: https://ds761tbf-pl.fina.guru/

Response headers

content-encoding: gzip
age: 238434
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:56:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:56:29 GMT
last-modified: Tue, 23 Jul 2019 03:46:21 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24251
x-xss-protection: 0
server: sffe

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/ 91 KB
32 KB 66ms
65ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

34224fee8cb7c66a4d5cc5ed9577459870390cd181be68fbaea252c5293a53a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 3608019661718415076
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 10:10:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 32269
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/ 434 KB
144 KB 82ms
81ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8279955182611131&plah=ds761tbf-pl.fina.guru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

062a95183823bcb7403e10edcdb1993f440115349acf0ad26f5006bcf18f91bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 16958399526476379050
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 10:10:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147845
x-xss-protection: 0
server: cafe

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame B076 0
0 155ms
70ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G&co=aHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnU6NDQz&hl=pl&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=i5j12req2ycc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__pl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ghthRPC6Y-jyUlY9f94gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2ghthRPC6Y-jyUlY9f94gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Nov 2024 10:10:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-8279955182611131 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 471ms
72ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8279955182611131?href=https%3A%2F%2Fds761tbf-pl.fina.guru&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8279955182611131&plah=ds761tbf-pl.fina.guru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

14f621e2c8d3fd837517954ade92e109c1b91bbc3dbfcc744f6eb5f3fdfd3e15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qkW8_BH3TS3II9mDO70ccA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw05BiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIW4OSa82rOTTeDExo_ZShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgbmegbG8QUGAHn7RSs"
content-security-policy: script-src 'report-sample' 'nonce-qkW8_BH3TS3II9mDO70ccA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 84ms
84ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8279955182611131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

GET
H3

200

main.js Show response
ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame EC5E
Redirect Chain

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

34ms
34ms

Script
application/javascript

172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cedcb8111cd95fb3098fec35892d904e9a9d789e800f2bfa8bd042753d5e017c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GeInRCR6atIV%2Fc%2BFCOIUb2QnK8k9J9844ejxjU6KsM90K6buqmL6Si1wA5RWJwys66BfJydev2Y4GRb85EF%2Fwt79zfloYE25vB3mWgbEVYfOEUvSLvWI6ruaQAEujNEC5DhndC7Uwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8dfd0343bb6b3bb5-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24964&sent=159&recv=78&lost=0&retrans=0&sent_bytes=150861&recv_bytes=14138&delivery_rate=14562&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=1299&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNbcC6wW7%2BZuxYeQdiCk5oIg4BacymkQCGC84vwEBO8jv74Ysot8vQbctD7tj9PdQ6J7%2FaXNE26sWrUeAl4AsxRVeuEaW13c5A8kZ%2Ba8gdNTaMz4SPM2Tv8y7gMom9B16lTVZvGzMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dfd03436b073bb5-WAW
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=24836&sent=157&recv=77&lost=0&retrans=0&sent_bytes=150124&recv_bytes=13746&delivery_rate=197046&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=1263&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:23 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8dfd033c9e2c3bb5 Show response
ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame EC5E 0
1 KB 39ms
34ms XHR
text/plain 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/h/b/jsd/r/8dfd033c9e2c3bb5
Requested by: Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rbcmq4po5uPhL2qKpyurhBkIcjMmOg%2FpUz5sLodGaNNh8vlEvrogX4hCDb0ZLlE%2FVYCdoGQuALl8onGdxXQcf5sgf8h7nm%2BtlelFPmBEL5oKFDwnHMXZfeNJcITXLu7ai0vHyf%2BCag%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dfd03448c823bb5-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24825&sent=169&recv=95&lost=0&retrans=0&sent_bytes=155516&recv_bytes=31867&delivery_rate=118550&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=1440&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

POST
H3 200 collect
www.google.com/ccm/ 0
0 55ms
55ms Ping
text/plain 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fds761tbf-pl.fina.guru%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1696541434.1731147024&auid=1348928389.1731147024&npa=1&gtm=45He4b70v854091770za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&tft=1731147024102&tfd=1458&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 424 KB
134 KB 66ms
65ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c&gtm=45He4b70v854091770za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ecdd55c051b0eaffc21a50c725b3e95ec82cc031b09092cf8de7cb5b05711447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 09 Nov 2024 10:10:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136355
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 1EDC 0
0 436ms
48ms Document
text/html 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fds761tbf-pl.fina.guru

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVD2DK7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Nov 2024 10:10:24 GMT
expires: Sun, 09 Nov 2025 10:10:24 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 453ms
51ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TRH92ECSV3&gtm=45je4b70v874499617z8854091770za200zb854091770&_p=1731147023450&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1236111303.1731147024&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731147024&sct=1&seg=0&dl=https%3A%2F%2Fds761tbf-pl.fina.guru%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1626
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c&gtm=45He4b70v854091770za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
558 B 469ms
53ms Ping
text/plain 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TRH92ECSV3&cid=1236111303.1731147024&gtm=45je4b70v874499617z8854091770za200zb854091770&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH92ECSV3&l=dataLayer&cx=c&gtm=45He4b70v854091770za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.206.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wk-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ds761tbf-pl.fina.guru
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
408 B 481ms
77ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TRH92ECSV3&cid=1236111303.1731147024&gtm=45je4b70v874499617z8854091770za200zb854091770&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629&tag_exp=101823848~101925629&z=1986786972

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 09 Nov 2024 10:10:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 AGSKWxVlm5WSc6OYr3tlYQQ7jlm7Csv3_BqcdM5AAJgAo3Wc8lrkJctfTxpmn_8psfNnhn5DubVSZJ1mtcD-lecH9CKZCMtBoRAJjjCofLU6vzTldnHD8whKTE8KVANQmBknrnwA50vf Show response
fundingchoicesmessages.google.com/f/ 427 KB
65 KB 130ms
129ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVlm5WSc6OYr3tlYQQ7jlm7Csv3_BqcdM5AAJgAo3Wc8lrkJctfTxpmn_8psfNnhn5DubVSZJ1mtcD-lecH9CKZCMtBoRAJjjCofLU6vzTldnHD8whKTE8KVANQmBknrnwA50vf?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMTQ3MDI0LDM2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kczc2MXRiZi1wbC5maW5hLmd1cnUvIixudWxsLFtbOCwiRktqUHllR3lCSm8iXSxbOSwicGwiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.FKjPyeGyBJo.es5.O/am=GAw/d=1/rs=AJlcJMzb0TWBGyApFVKMjC0DK_xLoetocw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

44c68f5483de3b7daaee2ee144b9e13b7814276c1bcdc108cdc6f6dd86be2cd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fDq6CrLRXp6c9MG8e8SOhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1JBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OCa82rOTTWDC7z0PGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0NzPUMjOMLDADBHkWD"
content-security-policy: script-src 'report-sample' 'nonce-fDq6CrLRXp6c9MG8e8SOhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame E41B 0
0 63ms
62ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pl&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfpH_EdAAAAAEX-mJPq1-LAyGQa8GhbRvrbHP0G

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__pl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F-69DYul2lwOj4PEMqMoJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-F-69DYul2lwOj4PEMqMoJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Nov 2024 10:10:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 559ms
60ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.FKjPyeGyBJo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyN7GhDo5nZXihMs7mdTxJr2gROQg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

40c08123963fafb7ea2a2f6f3bd85a4b8b2bbbecd85c12da94ef0be3beb787d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 10:10:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:25 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 09 Nov 2024 10:10:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 49ms
49ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer: https://ds761tbf-pl.fina.guru/

Response headers

age: 240123
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:28:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:28:21 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 42ms
41ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: ds761tbf-pl.fina.guru
URL: https://ds761tbf-pl.fina.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer: https://ds761tbf-pl.fina.guru/

Response headers

age: 239679
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:35:45 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxXK8Y2ezUEL-1TpbwgE1i4cgIBgqbD8kXXFk0mRDEwQNT3D9UudNS5_KFcXshDwmHLNaKQWCoHd3Xh0xNhWuStpopeRSK7_hxjCLdLPrIH9ov6Agp8fb9l04c7PyEml2-xm5ZRC Show response
fundingchoicesmessages.google.com/el/ 0
28 B 106ms
55ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXK8Y2ezUEL-1TpbwgE1i4cgIBgqbD8kXXFk0mRDEwQNT3D9UudNS5_KFcXshDwmHLNaKQWCoHd3Xh0xNhWuStpopeRSK7_hxjCLdLPrIH9ov6Agp8fb9l04c7PyEml2-xm5ZRC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LUUjPqdcPvEifKZHPg-5Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uGY8GrPTjaBhsc_jjApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQwNzPQPz-AIDAE8nKTo"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LUUjPqdcPvEifKZHPg-5Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ds761tbf-pl.fina.guru
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXK8Y2ezUEL-1TpbwgE1i4cgIBgqbD8kXXFk0mRDEwQNT3D9UudNS5_KFcXshDwmHLNaKQWCoHd3Xh0xNhWuStpopeRSK7_hxjCLdLPrIH9ov6Agp8fb9l04c7PyEml2-xm5ZRC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XcyX4wMH4jHe4bbTXsGG6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 10:10:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uGY8GrPTjaBA0t-HGFScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhgbmegbm8QUGAFOhKUQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XcyX4wMH4jHe4bbTXsGG6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://ds761tbf-pl.fina.guru
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v29/ 69 KB
69 KB 43ms
42ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

516507425d7f314a4731db8a6848b8d584326bad9cc47dbffa4052faf90de11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ds761tbf-pl.fina.guru
Referer: https://fonts.googleapis.com/

Response headers

age: 227675
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 18:55:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 18:55:50 GMT
last-modified: Wed, 06 Nov 2024 17:30:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70768
x-xss-protection: 0
server: sffe

POST
H3 204 rum Show response
ds761tbf-pl.fina.guru/cdn-cgi/ 0
145 B 35ms
33ms XHR
text/plain 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://ds761tbf-pl.fina.guru/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8dfd034b59403bb5-WAW
access-control-allow-origin: https://ds761tbf-pl.fina.guru
date: Sat, 09 Nov 2024 10:10:25 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png
ds761tbf-pl.fina.guru/media/data/media/ 1 KB
2 KB 55ms
54ms Other
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb3eed7aa7cf67179bf40ec0f0ae6086de4d7733ebf8d427f5f54fb3ca86a12

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "652d44d6-7f1"
age: 1118
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJCuhISabqcBBJgJI64adNq2gdiqCChvmvkh6DHNYYl2%2B4lMhgvai%2BIDfz446qXm%2F%2B%2Frqo6UrqApu48o9m51Fs6m51fZb3KHY%2BoMySarFoomTQqK0ojy7VckzuPcKQ%2FvtQ6EGlDJHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2033
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25410&sent=191&recv=104&lost=0&retrans=0&sent_bytes=176182&recv_bytes=35840&delivery_rate=4630&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=2651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:25 GMT
content-type: image/webp
content-disposition: inline; filename="Favicon_36%D1%8536_kzmoney_brown_Jxc058t.webp"
vary: Accept
priority: u=1,i
x-frame-options: ALLOWALL
last-modified: Mon, 16 Oct 2023 14:12:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd034c1aae3bb5-WAW
accept-ranges: bytes
content-length: 1212
server: cloudflare

GET
H3 200 Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png
ds761tbf-pl.fina.guru/media/data/media/ 1 KB
0 1ms
0ms Other
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/media/data/media/Favicon_36%D1%8536_kzmoney_brown_Jxc058t.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb3eed7aa7cf67179bf40ec0f0ae6086de4d7733ebf8d427f5f54fb3ca86a12

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "652d44d6-7f1"
age: 1118
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJCuhISabqcBBJgJI64adNq2gdiqCChvmvkh6DHNYYl2%2B4lMhgvai%2BIDfz446qXm%2F%2B%2Frqo6UrqApu48o9m51Fs6m51fZb3KHY%2BoMySarFoomTQqK0ojy7VckzuPcKQ%2FvtQ6EGlDJHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2033
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25410&sent=191&recv=104&lost=0&retrans=0&sent_bytes=176182&recv_bytes=35840&delivery_rate=4630&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=2651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:25 GMT
content-type: image/webp
content-disposition: inline; filename="Favicon_36%D1%8536_kzmoney_brown_Jxc058t.webp"
vary: Accept
priority: u=1,i
x-frame-options: ALLOWALL
last-modified: Mon, 16 Oct 2023 14:12:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd034c1aae3bb5-WAW
accept-ranges: bytes
content-length: 1212
server: cloudflare

GET
H3 200 192x192.png
ds761tbf-pl.fina.guru/static/pwa/ 46 B
781 B 56ms
55ms Other
image/webp 172.67.70.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds761tbf-pl.fina.guru/static/pwa/192x192.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59409080a933821e87e581daa91a7fec2d3fa0fe0ad21441d0e9b60fe5c54a8

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ds761tbf-pl.fina.guru/

Response headers

cf-bgj: imgq:85,h2pri
etag: "62a365e2-263"
age: 1118
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NL0MyRLx16pkwv0LBjGfklodC5d211TXdir78%2FIyBnbdAaMxSwSrrRhz4dZ%2FME7OiykcnZaNURc8cz0yXDNZ1NfnUmXsyLd1EByLGAmZEzPmNgV5rSGGqZ569IhzTc683dTHCeLrfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=611
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25472&sent=194&recv=106&lost=0&retrans=0&sent_bytes=178234&recv_bytes=36805&delivery_rate=35635&cwnd=66000&unsent_bytes=0&cid=0613c72e0d16f664&ts=2729&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 10:10:25 GMT
content-type: image/webp
content-disposition: inline; filename="192x192.webp"
vary: Accept
priority: u=1,i
x-frame-options: ALLOWALL
last-modified: Fri, 10 Jun 2022 15:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfd034c8b743bb5-WAW
accept-ranges: bytes
content-length: 46
server: cloudflare

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ds761tbf-pl.fina.guru/	1969-12-31 23:59:59	Name: pers_id Value: d505a0409e8211efab9b005056020efc
ds761tbf-pl.fina.guru/	1970-01-21 09:36:36	Name: csrftoken Value: EtmUlWISUpH2uSvn6CjJjxAJLA3l06AL
.fina.guru/	1970-01-21 03:02:03	Name: _gcl_au Value: 1.1.1348928389.1731147024
.fina.guru/	1970-01-21 09:38:03	Name: cf_clearance Value: MJZxXZ_h9tvcMeqqoQd5Gj3tbAw_LgUubyHLF.ujLOI-1731147024-1.2.1.1-KJM76VR7Q7DdM4rKn2JxhHumm.5GuJ.MJxWgYIn3QLXMRwSfnFaKk97kkVGyredXr1vRiCLct_z0HRYdQyME3QG7Iso3bon9xXEqraLbeDOuVRt3f63pgEBRfOzGx.zzgdpT2e9UHpR0pLyh7MU040FbZaF.aTTVcXDSfqSdg4fu6PATCkdntBbXLYhf5H9JvPxTAQMPUDo3xfyO.Z3cUFwfavCpzSUs6zONsOQgTr9XhGQM4zP6coNsr_caff3ef7OSAxigHSkTbKdMWyQmg7Yp9tk53nJp7Un4yQ25u5ZdtbXImWFEsNLD_bLksST0bFlnCiLE8cQ.H5.W4dQoP3T9lR4Fhprl3Di5pWNmKD0jF4bBNui9ep48ZNn70Ryt
ds761tbf-pl.fina.guru/	1969-12-31 23:59:59	Name: click_id Value: d52b1c009e8211efab9b005056020efc
.fina.guru/	1970-01-21 10:28:27	Name: _ga Value: GA1.1.1236111303.1731147024
.fina.guru/	1970-01-21 10:28:27	Name: _ga_TRH92ECSV3 Value: GS1.1.1731147024.1.0.1731147025.59.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ds761tbf-pl.fina.guru
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google.com
www.google.pl
www.googletagmanager.com
www.gstatic.com
104.16.80.73
142.250.184.196
142.250.185.131
142.250.185.168
142.250.185.66
142.250.185.99
142.250.186.142
142.250.186.74
142.250.186.99
151.101.2.137
172.67.70.42
216.239.32.36
74.125.206.155
03aff9ba10559a70ac312000ccfe9585b762f171283c53c3271d343080425093
062a95183823bcb7403e10edcdb1993f440115349acf0ad26f5006bcf18f91bd
070dd5553f99b0252bf738829f1545f4506b5e7e53db38d8199471ee10189b80
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ea72eb08bb5d6bcdfb76f907fcea9b26875526153d87c10278f6f3648a91283
1226da68e0549112fa7d39361b1a9700b049a4309bfb82d302fef94fb5b91464
14f621e2c8d3fd837517954ade92e109c1b91bbc3dbfcc744f6eb5f3fdfd3e15
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
34224fee8cb7c66a4d5cc5ed9577459870390cd181be68fbaea252c5293a53a3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cb3eed7aa7cf67179bf40ec0f0ae6086de4d7733ebf8d427f5f54fb3ca86a12
40c08123963fafb7ea2a2f6f3bd85a4b8b2bbbecd85c12da94ef0be3beb787d6
44c68f5483de3b7daaee2ee144b9e13b7814276c1bcdc108cdc6f6dd86be2cd4
516507425d7f314a4731db8a6848b8d584326bad9cc47dbffa4052faf90de11b
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5cf9e8037b2fa748ab852a77bed93aed22371cbe734982d23715c14953a34a5d
5f1b6ebc5894899b4f875b3f3962b33548c0b7944dbd77dec30ac1d8974e72cc
64afac0d271c4982526ed9983b60d02062a198bc8c6ccf7359f01f67914f29df
69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859
6efeb17ba9975bde65b7c0e2db15aa529b4201a6d92ecd1887be5d62eaac5354
7928369a406440002cb4b79ce79e2374bb580a6f189a16db2e400cdfa80e3130
7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7
8163fb5039177560b2da8c13dcd96a2df8ca9e68fc6533bcb991a465703c40c2
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8f6df34863028d34b9d403ae0045a73d94b601af0c1b5d2a551470bae2617669
a216abc7888ead066b12831d754d3f5805602383d2d693b6a7cfc5aecbf1fb76
a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b1b8add97fbfd7710e32d0ab792c17e0a30c491aff1fb1cf790b1dd084aa69d4
b6021f95f5d5d1483fbebf9552e64304494d27b5aad6c7b01f89076e11b1486a
c01eda7f50e5a175644989807fc6c9e60d55d5d69bb50e80426b17b2750fd4fa
cedcb8111cd95fb3098fec35892d904e9a9d789e800f2bfa8bd042753d5e017c
d59409080a933821e87e581daa91a7fec2d3fa0fe0ad21441d0e9b60fe5c54a8
df320e7de561d0487df9224085d0485e33aa0e7f054d25be29ef54ea0f12b785
e25f045067e9e364e636f17d33894f47806732eb343486639546296faa75207b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecdd55c051b0eaffc21a50c725b3e95ec82cc031b09092cf8de7cb5b05711447
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

ds761tbf-pl.fina.guru Open in urlscan Pro 172.67.70.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

0 %IPv6

10 Domains

13 Subdomains

13 IPs

2 Countries

1269 kBTransfer

3701 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ds761tbf-pl.fina.guru Open in urlscan Pro
172.67.70.42 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1269 kB
Transfer

3701 kB
Size

7
Cookies

51 HTTP transactions
0 data transactions