urlscan.io logo urlscan.io
SecurityTrails logo

prodengi.kz Open in urlscan Pro
144.76.40.176  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Effective URL: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Submission: On November 03 via manual
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 21 HTTP transactions. The main IP is 144.76.40.176, located in Germany and belongs to HETZNER-AS, DE. The main domain is prodengi.kz.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on November 27th 2017. Valid for: a year.
This is the only time prodengi.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 144.76.40.176 24940 (HETZNER-AS)
1 172.217.22.66 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.22.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 10
4    144.76.40.176 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prodengi.kz
prodengi.kz
1    172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net
partner.googleadservices.com
5    2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
2    172.217.22.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:810::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
3    2a00:1450:400c:c00::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
5 pagead2.googlesyndication.com prodengi.kz
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 prodengi.kz 2 redirects prodengi.kz
3 stats.g.doubleclick.net 1 redirects prodengi.kz
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 securepubads.g.doubleclick.net partner.googleadservices.com
www.googletagservices.com
1 www.google.de prodengi.kz
1 www.google.com 1 redirects
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com prodengi.kz
1 partner.googleadservices.com prodengi.kz
0 gakz.hit.gemius.pl Failed prodengi.kz
0 vkontakte.ru Failed prodengi.kz
0 code.jquery.com Failed prodengi.kz
21 14

This site contains no links.

Subject Issuer Validity Valid
*.prodengi.kz
COMODO RSA Domain Validation Secure Server CA		 2017-11-27 -
2019-02-25		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-10-16 -
2019-01-08		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-10-16 -
2019-01-08		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2018-10-16 -
2019-01-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Frame ID: C35395189053266CC3BBD9E3492331ED
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js
Frame ID: 6604AC40AA501EA8BDCF479D8A920D08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html
Frame ID: 9E1D3207A8F33543AE0A7B4DE23BA760
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731715210448119&output=html&h=600&slotname=3820330846&adk=259960633&adf=3296512626&w=300&lmt=1541269786&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fprodengi.kz%2Fgo.php%3Furl%3Dhttp%3A%2F%2Fcleantalkorg2.ru%2Farticle&flash=0&wgl=1&adsid=NT&dt=1541269786786&bpp=54&bdt=294&fdt=119&idt=114&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&correlator=1418655248116&frm=20&pv=2&ga_vid=42009647.1541269787&ga_sid=1541269787&ga_hid=1803416510&ga_fc=0&iag=0&icsg=42478210&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=680&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C618018085&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=4001926439&ifi=1&uci=1.6x2g96xuv8wz&fsb=1&xpc=ooYHdzSNq6&p=https%3A//prodengi.kz&dtd=141
Frame ID: C8FCE44BE216974459526E147975280B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article HTTP 301
    https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i

Page Statistics

21
Requests

86 %
HTTPS

70 %
IPv6

10
Domains

14
Subdomains

10
IPs

3
Countries

323 kB
Transfer

879 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article HTTP 301
    https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://prodengi.kz/images/prodengi_logo_new1.png HTTP 301
  • https://prodengi.kz/images/prodengi_logo_new1.png
Request Chain 15
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=2099917181&utmhn=prodengi.kz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9F%D0%B5%D1%80%D0%B5%D0%BD%D0%B0%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%81%20prodengi.kz%20%D0%BD%D0%B0%20http%3A%2F%2Fcleantalkorg2.ru%2Farticle&utmhid=1803416510&utmr=-&utmp=%2Fgo.php%3Furl%3Dhttp%3A%2F%2Fcleantalkorg2.ru%2Farticle&utmht=1541269786861&utmac=UA-5245378-1&utmcc=__utma%3D250460825.1475094128.1541269787.1541269787.1541269787.1%3B%2B__utmz%3D250460825.1541269787.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=692517560&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5245378-1&cid=1475094128.1541269787&jid=692517560&_v=5.7.2dc&z=2099917181 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5245378-1&cid=1475094128.1541269787&jid=692517560&_v=5.7.2dc&z=2099917181&slf_rd=1&random=3456764220

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request go.php
prodengi.kz/
Redirect Chain
  • http://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
  • https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
144.76.40.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
prodengi.kz
Software
nginx/1.2.7 /
Resource Hash
e8095fdcd3cbbbe907262918e9102bc6cd698e0914235b601cc4e9735ef85a36

Request headers

Host
prodengi.kz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.2.7
Date
Sat, 03 Nov 2018 18:29:46 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip

Redirect headers

Server
nginx/1.2.7
Date
Sat, 03 Nov 2018 18:29:46 GMT
Content-Type
text/html
Content-Length
184
Connection
keep-alive
Location
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
google_service.js
partner.googleadservices.com/gampad/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/google_service.js
Requested by
Host: prodengi.kz
URL: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
24af5dca9f5637404350577a4806a8231551e7a56f4676c78cd1253b06055324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1862
x-xss-protection
1; mode=block
server
cafe
etag
2874346985256337224
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Nov 2018 18:29:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: prodengi.kz
URL: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b618513f311667ea34e169bbcbbc0da268eaa0648f0df82f82ae768566e4f60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28096
x-xss-protection
1; mode=block
server
cafe
etag
9310164537745808583
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Nov 2018 18:29:46 GMT
jquery-1.8.3.js
code.jquery.com/ 		0
0
gpt.js
www.googletagservices.com/tag/js/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: prodengi.kz
URL: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
29fc84934b88bc2b0775cd250653124451989c54ad68c37fe1e1dd9180c70fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"9 / 412 of 1000 / last-modified: 1541186538"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8937
x-xss-protection
1; mode=block
expires
Sat, 03 Nov 2018 18:29:46 GMT
google_ads.js
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/google_ads.js
Requested by
Host: partner.googleadservices.com
URL: https://partner.googleadservices.com/gampad/google_service.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
c961ecd3c2884d6b2101428426bf2ebad0825d77a94db3703cd5150dbc1f9b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
19010
x-xss-protection
1; mode=block
server
cafe
etag
6566874807894057325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Nov 2018 18:29:46 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prodengi.kz
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prodengi.kz
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_270.js
securepubads.g.doubleclick.net/gpt/ 		184 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
516b065177d1546683627fa32c8574fd59edc3eb3bf92cef5882d53e58d7a1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Oct 2018 15:56:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
64036
x-xss-protection
1; mode=block
expires
Sat, 03 Nov 2018 18:29:46 GMT
openapi.js
vkontakte.ru/js/api/ 		0
0
xgemius.js
gakz.hit.gemius.pl/ 		0
0
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: prodengi.kz
URL: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Oct 2018 19:41:26 GMT
server
Golfe2
age
3697
date
Sat, 03 Nov 2018 17:28:09 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17093
expires
Sat, 03 Nov 2018 19:28:09 GMT
prodengi_logo_new1.png
prodengi.kz/images/
Redirect Chain
  • http://prodengi.kz/images/prodengi_logo_new1.png
  • https://prodengi.kz/images/prodengi_logo_new1.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prodengi.kz/images/prodengi_logo_new1.png
Requested by
Host: prodengi.kz
URL: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
144.76.40.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
prodengi.kz
Software
nginx/1.2.7 /
Resource Hash
ab9d41d59a00b7b9fbe65070513f392c9287e3814b61da420fdd368566c494cc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 03 Nov 2018 18:29:46 GMT
Last-Modified
Sat, 15 Nov 2014 10:17:01 GMT
Server
nginx/1.2.7
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3822
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date
Sat, 03 Nov 2018 18:29:46 GMT
Server
nginx/1.2.7
Content-Type
text/html
Location
https://prodengi.kz/images/prodengi_logo_new1.png
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
184
Expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ 		201 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
466d2b29f247dbc0e604947617a57648f41f9def02b7aad22dcc51e610a3a445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
76292
x-xss-protection
1; mode=block
server
cafe
etag
8003792231229236402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Nov 2018 18:29:46 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ Frame 6604 		201 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
466d2b29f247dbc0e604947617a57648f41f9def02b7aad22dcc51e610a3a445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
76292
x-xss-protection
1; mode=block
server
cafe
etag
8003792231229236402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Nov 2018 18:29:46 GMT
ca-pub-1731715210448119.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		68 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1731715210448119.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 18:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
88
x-xss-protection
1; mode=block
expires
Sun, 04 Nov 2018 06:29:46 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=2099917181&utmhn=prodengi.kz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9F%...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5245378-1&cid=1475094128.1541269787&jid=692517560&_v=5.7.2dc&z=2099917181
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5245378-1&cid=1475094128.1541269787&jid=692517560&_v=5.7.2dc&z=2099917181&slf_rd=1&random=3456764220
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5245378-1&cid=1475094128.1541269787&jid=692517560&_v=5.7.2dc&z=2099917181&slf_rd=1&random=3456764220
Requested by
Host: prodengi.kz
URL: https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Nov 2018 18:29:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Nov 2018 18:29:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5245378-1&cid=1475094128.1541269787&jid=692517560&_v=5.7.2dc&z=2099917181&slf_rd=1&random=3456764220
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/ Frame 9E1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20181031/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
accept-encoding
gzip, deflate
cookie
IDE=AHWqTUlM4E1geeyNM_9LvGtqaewUOlLD7MWag4S3S8rRcfLRcgBwZ-fW74ib_RXl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 01 Nov 2018 19:06:53 GMT
expires
Thu, 15 Nov 2018 19:06:53 GMT
content-type
text/html; charset=UTF-8
etag
12810928231326100212
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6940
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
170573
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
ads
googleads.g.doubleclick.net/pagead/ Frame C8FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731715210448119&output=html&h=600&slotname=3820330846&adk=259960633&adf=3296512626&w=300&lmt=1541269786&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fprodengi.kz%2Fgo.php%3Furl%3Dhttp%3A%2F%2Fcleantalkorg2.ru%2Farticle&flash=0&wgl=1&adsid=NT&dt=1541269786786&bpp=54&bdt=294&fdt=119&idt=114&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&correlator=1418655248116&frm=20&pv=2&ga_vid=42009647.1541269787&ga_sid=1541269787&ga_hid=1803416510&ga_fc=0&iag=0&icsg=42478210&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=680&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C618018085&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=4001926439&ifi=1&uci=1.6x2g96xuv8wz&fsb=1&xpc=ooYHdzSNq6&p=https%3A//prodengi.kz&dtd=141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1731715210448119&output=html&h=600&slotname=3820330846&adk=259960633&adf=3296512626&w=300&lmt=1541269786&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fprodengi.kz%2Fgo.php%3Furl%3Dhttp%3A%2F%2Fcleantalkorg2.ru%2Farticle&flash=0&wgl=1&adsid=NT&dt=1541269786786&bpp=54&bdt=294&fdt=119&idt=114&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&correlator=1418655248116&frm=20&pv=2&ga_vid=42009647.1541269787&ga_sid=1541269787&ga_hid=1803416510&ga_fc=0&iag=0&icsg=42478210&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=680&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C618018085&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=4001926439&ifi=1&uci=1.6x2g96xuv8wz&fsb=1&xpc=ooYHdzSNq6&p=https%3A//prodengi.kz&dtd=141
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
accept-encoding
gzip, deflate
cookie
IDE=AHWqTUlM4E1geeyNM_9LvGtqaewUOlLD7MWag4S3S8rRcfLRcgBwZ-fW74ib_RXl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 03 Nov 2018 18:29:47 GMT
server
cafe
cache-control
private
content-length
383
x-xss-protection
1; mode=block
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
osd.js
pagead2.googlesyndication.com/pagead/js/r20181031/r20110914/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20181031/r20110914/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/google_ads.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
54af46f306964af72da59c1d80240015e8f1bec1d723a259bb0e8944f30786b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 01 Nov 2018 18:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28222
x-xss-protection
1; mode=block
server
cafe
etag
2884000118126310004
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Nov 2018 18:54:21 GMT
__utm.gif
stats.g.doubleclick.net/ 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=80890514&utmhn=prodengi.kz&utmt=event&utme=5(tracking_script*loaded*dc.js)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9F%D0%B5%D1%80%D0%B5%D0%BD%D0%B0%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%81%20prodengi.kz%20%D0%BD%D0%B0%20http%3A%2F%2Fcleantalkorg2.ru%2Farticle&utmhid=1803416510&utmr=-&utmp=%2Fgo.php%3Furl%3Dhttp%3A%2F%2Fcleantalkorg2.ru%2Farticle&utmht=1541269787130&utmac=UA-5245378-1&utmni=1&utmcc=__utma%3D250460825.1475094128.1541269787.1541269787.1541269787.1%3B%2B__utmz%3D250460825.1541269787.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6BEAAAAAAAAAAAAAAAAAAAAE~
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prodengi.kz/go.php?url=http://cleantalkorg2.ru/article
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Nov 2018 00:31:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
237501
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
http://code.jquery.com/jquery-1.8.3.js
Domain
vkontakte.ru
URL
http://vkontakte.ru/js/api/openapi.js
Domain
gakz.hit.gemius.pl
URL
http://gakz.hit.gemius.pl/xgemius.js

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| GA_jstiming function| GS_googleAddAdSenseService function| GS_googleEnableAllServices function| GS_googleResetAllServices function| GS_googleGetIdsForAdSenseService function| GS_googleFindService function| GS_googleGetExpIdsForAdSense object| GS_googleServiceIds_ number| t function| popup_timer function| skip number| timeoutID object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| GA_googleSetCookieOptions function| GA_googleSetTagForChildDirectedTreatment function| GA_googleAddSlot function| GA_googleFetchAds function| GA_googleUseIframeRendering function| GA_googleUseFriendlyIframeRendering function| GA_googleUseFriendlyIframeSRARendering function| GA_googleUseSyncSRARendering function| GA_googleDomainResetUrl function| GA_googleFillSlot function| GA_googleFillSlotWithSize function| GA_googleResetAll boolean| google_noFetch function| GA_googleNoFetch function| GA_googleDelayFetch function| GA_googleAddAttr function| GA_googleAddAdSensePageAttr function| GA_googleAddAdSenseSlotAttr function| GA_googleCreateDomIframe function| GA_googleSetAdContentsBySlot function| GA_googleSetAdContentsBySlotForSync function| GA_googleSetAdContentsBySlotForAsync function| GA_googleSyncAdSlotLoaded function| GA_googleReallyFetchAds object| GA_googleEnv object| _GA_googleCookieHelper object| __google_ad_urls number| __google_ad_urls_id string| pp_gemius_identifier object| _gaq object| OpenStatParser undefined| campaignParams object| adsbygoogle object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| _gat object| gaGlobal function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| GPT_jstiming boolean| google_DisableInitialLoad number| __google_osd_ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

6 Cookies

Domain/Path Name / Value
.prodengi.kz/ Name: __utmb
Value: 250460825.2.9.1541269787
.doubleclick.net/ Name: IDE
Value: AHWqTUlM4E1geeyNM_9LvGtqaewUOlLD7MWag4S3S8rRcfLRcgBwZ-fW74ib_RXl
.prodengi.kz/ Name: __utmt
Value: 1
.prodengi.kz/ Name: __utmc
Value: 250460825
.prodengi.kz/ Name: __utmz
Value: 250460825.1541269787.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.prodengi.kz/ Name: __utma
Value: 250460825.1475094128.1541269787.1541269787.1541269787.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
gakz.hit.gemius.pl
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
prodengi.kz
securepubads.g.doubleclick.net
stats.g.doubleclick.net
vkontakte.ru
www.google.com
www.google.de
www.googletagservices.com
code.jquery.com
gakz.hit.gemius.pl
vkontakte.ru
144.76.40.176
172.217.22.66
172.217.22.98
2a00:1450:4001:806::2003
2a00:1450:4001:810::2002
2a00:1450:4001:817::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2002
2a00:1450:400c:c00::9a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
24af5dca9f5637404350577a4806a8231551e7a56f4676c78cd1253b06055324
29fc84934b88bc2b0775cd250653124451989c54ad68c37fe1e1dd9180c70fae
466d2b29f247dbc0e604947617a57648f41f9def02b7aad22dcc51e610a3a445
516b065177d1546683627fa32c8574fd59edc3eb3bf92cef5882d53e58d7a1f2
54af46f306964af72da59c1d80240015e8f1bec1d723a259bb0e8944f30786b0
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
ab9d41d59a00b7b9fbe65070513f392c9287e3814b61da420fdd368566c494cc
b618513f311667ea34e169bbcbbc0da268eaa0648f0df82f82ae768566e4f60c
c961ecd3c2884d6b2101428426bf2ebad0825d77a94db3703cd5150dbc1f9b3a
e8095fdcd3cbbbe907262918e9102bc6cd698e0914235b601cc4e9735ef85a36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629