urlscan.io logo urlscan.io
SecurityTrails logo

ekapustazajm.24bank.su Open in urlscan Pro
138.201.66.95  Public Scan

Go To Rescan Add Verdict Report
URL: https://ekapustazajm.24bank.su/
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 136 HTTP transactions. The main IP is 138.201.66.95, located in Germany and belongs to HETZNER-AS, DE. The main domain is ekapustazajm.24bank.su.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.
This is the only time ekapustazajm.24bank.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    138.201.66.95 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.seoom.ru
ekapustazajm.24bank.su
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
ajax.googleapis.com
1    92.38.252.165 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)
allstat-pp.ru
10    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
14    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
7    212.92.100.238 (Russian Federation)

ASN49505 (SELECTEL, RU)
core.bee.gl
5    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com
14    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
7    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
adservice.google.de
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
adservice.google.com
29    92.53.68.202 (Russian Federation)

ASN49505 (SELECTEL, RU)
133921.selcdn.ru
6    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.gstatic.com
20    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googletagservices.com
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
s0.2mdn.net
4    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
Domain Requested by
29 133921.selcdn.ru ekapustazajm.24bank.su
20 tpc.googlesyndication.com googleads.g.doubleclick.net
ekapustazajm.24bank.su
tpc.googlesyndication.com
pagead2.googlesyndication.com
15 ekapustazajm.24bank.su ekapustazajm.24bank.su
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
ekapustazajm.24bank.su
googleads.g.doubleclick.net
11 mc.yandex.com 2 redirects ekapustazajm.24bank.su
mc.yandex.ru
10 pagead2.googlesyndication.com ekapustazajm.24bank.su
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
7 fonts.gstatic.com fonts.googleapis.com
7 core.bee.gl ekapustazajm.24bank.su
core.bee.gl
6 www.gstatic.com googleads.g.doubleclick.net
5 fonts.googleapis.com ajax.googleapis.com
core.bee.gl
googleads.g.doubleclick.net
4 www.google.com 3 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 mc.yandex.ru 1 redirects ekapustazajm.24bank.su
core.bee.gl
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 ajax.googleapis.com ekapustazajm.24bank.su
1 s0.2mdn.net tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 allstat-pp.ru ekapustazajm.24bank.su
136 19

This site contains links to these domains. Also see Links.

Domain
ekapusta.com
Subject Issuer Validity Valid
ekapustazajm.24bank.su
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
allstat-pp.ru
R3		 2021-09-08 -
2021-12-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
core.bee.gl
R3		 2021-08-26 -
2021-11-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.selcdn.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-26 -
2021-12-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 16 frames:

Primary Page: https://ekapustazajm.24bank.su/
Frame ID: 3486974B593321696D280C45DD773536
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 488C1BC7E070EBF061DF26B20CBDEEE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1634121824&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986893&bpp=4&bdt=382&idt=304&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3046616529035&frm=20&pv=2&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
Frame ID: 9403C26AB7A1223285D2F334005546E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Frame ID: BA5005931CE422487E54209B93C858DB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Frame ID: FFE339B930A4AE7F5DB9683D8C5308D4
Requests: 1 HTTP requests in this frame

Frame: https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Frame ID: CBD98F53FCA3E63577245D3992C4861D
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: D942AA9536D27C7D73DC753186FBDE61
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
Frame ID: D13D095D6BD8BA18EE18E3E19E01A848
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CgqdkY6NnYa-zHZmCgQeI8JGYAcuk2t5lhevAkowO9JDI-5oCEAEgtLj-ImCV4pCCoAegAc_l99UDyAEJqQJUtRUXrHOzPqgDAcgDSKoE1QFP0ECp7xiix-33mldLG0PB9TpO-IvUXVt5Q-78xyRvp7he80Mlggc_3vN979voaTJBERAVLXuB3elL44t0wevq41JCNw8OTvBz-IaQilA7UjzDJ-CiLDofEvjdk-rcMCZm33PLDLAsBUwsdl8YW8gCsNpNdPRAd1W9Z63kUphZhG9fh6hdNp1bsebK5kBMUAekpbzVohHkyFumrqNjB8qXJx63kE_n2AkVnZy8ffiGXkz9oF3cMP4ur7kLHDfmJ1nna95ls6xLIgk8-zBUth1Jv-hzKVTABP2a9_vTA5IFBAgEGAGSBQQIBRgEoAYugAeZmogqqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBRCenLID0ggJCIDhgBAQARhfgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTExMTQ5OTM0MzgwNzU0NDYYAA&sigh=jJbNCjoXfB8&template_id=419
Frame ID: D1F50081012A1EB7D344E37FF4DFA979
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 30FDE710BF6E17E21A47DE50B8A48364
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B627609E6028129DF40A223FA25482C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 648EE5393F45B7E7E72DC081F0666D04
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 084E87FFD4B0B8E5F006F0E1128FF1AA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Frame ID: 37AF0137923EDED8EA81AC2B26DBABEA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F166EC0293020DDA8A773707CF4776B2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D89BDB10D9A13F126F2450EE0DADE3B8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Е-капуста займ личный кабинет вход на сайт ekapusta ru

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

19
Subdomains

19
IPs

3
Countries

1504 kB
Transfer

3484 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9425.ii-4NHV2lD-6tZQ39KXUXxIfF3sqy9Ki56jdJUppqljcJGwteJaK5IsN7klUl4zq.jxIrte3fk3dBNKvOIvWYOwiHHp8%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9425.3HB-Y4eKhTy2CKaLLViCGCZIH-u1V9QJUDADjzuGXd74-pc5ZtPMVhfXGeNk3rEoE1gGUsKE4Q1GPsDLYgjIKA%2C%2C.828Hd3BG9T_y5tO6b9eNTB9jTP4%2C
Request Chain 38
  • https://mc.yandex.com/watch/65665441?wmode=7&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbd8xdjs5a54k%3Afp%3A283%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A816741070574%3Ahid%3A171447890%3Az%3A0%3Ai%3A202101014032627%3Aet%3A1634181987%3Ac%3A1%3Arn%3A78010019%3Arqn%3A1%3Au%3A16341819871019462884%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634181986438%3Adsn%3A19%2C26%2C22%2C1%2C0%2C0%2C%2C313%2C23%2C%2C%2C%2C384%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634181987%3At%3A%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/65665441/1?wmode=7&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbd8xdjs5a54k%3Afp%3A283%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A816741070574%3Ahid%3A171447890%3Az%3A0%3Ai%3A202101014032627%3Aet%3A1634181987%3Ac%3A1%3Arn%3A78010019%3Arqn%3A1%3Au%3A16341819871019462884%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634181986438%3Adsn%3A19%2C26%2C22%2C1%2C0%2C0%2C%2C313%2C23%2C%2C%2C%2C384%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634181987%3At%3A%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&t=gdpr%2814%29ti%282%29
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 123
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 130
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

136 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ekapustazajm.24bank.su/ 		44 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
2a79aa7ef0b72622fdc1e0018720150c808b289e7c0a2716a3e58b2a84b1d675

Request headers

:method
GET
:authority
ekapustazajm.24bank.su
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.18.0
date
Thu, 14 Oct 2021 03:26:26 GMT
content-type
text/html; charset=UTF-8
content-length
10529
vary
Accept-Encoding,Cookie
last-modified
Wed, 13 Oct 2021 10:43:44 GMT
etag
"2921-5ce39a2db4008"
accept-ranges
bytes
cache-control
max-age=0, public
expires
Thu, 14 Oct 2021 03:26:26 GMT
referrer-policy
pragma
public
content-encoding
gzip
autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/ 		62 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
69501c1f3e5d97cec91d6806bfae53d41490e2eb4a18ba5417fdb71df084d7e9

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 15:03:35 GMT
server
nginx/1.18.0
etag
W/"5f106c47-f70d"
content-type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 19:26:43 GMT
x-content-type-options
nosniff
age
460783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 08 Oct 2022 19:26:43 GMT
autoptimize_b3d692035e59b746cfa687f5a18d2d57.js
ekapustazajm.24bank.su/wp-content/cache/autoptimize/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/js/autoptimize_b3d692035e59b746cfa687f5a18d2d57.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b27bf8d902f81d740b7a03b8c6b6912ed1ed07260e9dc5664a0f1f1aef82f3d8

Request headers

:path
/wp-content/cache/autoptimize/js/autoptimize_b3d692035e59b746cfa687f5a18d2d57.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 15:03:35 GMT
server
nginx/1.18.0
etag
W/"5f106c47-2757"
content-type
application/javascript; charset=utf-8
ea71905467a9caf62d7da940b696f9651388ee15.js
allstat-pp.ru/2667/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allstat-pp.ru/2667/ea71905467a9caf62d7da940b696f9651388ee15.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
1c674b43278c242be73f024b21976becf88bb6e5435eed75e5789e20a3d9cda1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 10:25:36 GMT
server
nginx/1.16.1
etag
W/"611ce020-72f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
611231d7d6bc23accc6e582026e3af1300e8360effa57b00656de22a1587f6f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51422
x-xss-protection
0
server
cafe
etag
8265321637022950730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 03:26:26 GMT
logo.png
ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/images/logo.png
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
46b047af9c590cf86b60f5484f44fcfaa90faca0ff79f37133f612d8066eafff

Request headers

:path
/wp-content/themes/ekapustazajm/images/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
last-modified
Thu, 16 Jul 2020 14:59:06 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"5f106b3a-98c"
content-length
2444
content-type
image/png
lazy_placeholder.gif
ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/ 		42 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
last-modified
Thu, 16 Jul 2020 14:59:17 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"5f106b45-2a"
content-length
42
content-type
image/gif
front.min.js
ekapustazajm.24bank.su/wp-content/plugins/table-of-contents-plus/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path
/wp-content/plugins/table-of-contents-plus/front.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 14:59:13 GMT
server
nginx/1.18.0
etag
W/"5f106b41-17cb"
content-type
application/javascript; charset=utf-8
jquery.bxslider.min.js
ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/js/jquery.bxslider.min.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b0ed7256ad6c2f44037d68adcbc5139635d49f99b4fb4ae97876b3264bf714bf

Request headers

:path
/wp-content/themes/ekapustazajm/js/jquery.bxslider.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 14:59:06 GMT
server
nginx/1.18.0
etag
W/"5f106b3a-5bfd"
content-type
application/javascript; charset=utf-8
scripts.js
ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/js/scripts.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
c297fc6b646ba245dda790aa12134d618e1cb2802ec13f9bbb1f1ac94a9a2cd6

Request headers

:path
/wp-content/themes/ekapustazajm/js/scripts.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 14:59:06 GMT
server
nginx/1.18.0
etag
W/"5f106b3a-21da"
content-type
application/javascript; charset=utf-8
q2w3-fixed-widget.min.js
ekapustazajm.24bank.su/wp-content/plugins/q2w3-fixed-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
10c86b787eec802ee5cad865137e429228f7be0f15444e656e8ca84d933c3a46

Request headers

:path
/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 14:59:14 GMT
server
nginx/1.18.0
etag
W/"5f106b42-1094"
content-type
application/javascript; charset=utf-8
jquery.lazyloadxt.extra.min.js
ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 14:59:17 GMT
server
nginx/1.18.0
etag
W/"5f106b45-bc6"
content-type
application/javascript; charset=utf-8
jquery.lazyloadxt.srcset.min.js
ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 		1 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 14:59:17 GMT
server
nginx/1.18.0
etag
W/"5f106b45-543"
content-type
application/javascript; charset=utf-8
jquery.lazyloadxt.extend.js
ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 		792 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 14:59:17 GMT
server
nginx/1.18.0
etag
W/"5f106b45-318"
content-type
application/javascript; charset=utf-8
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 14:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 07 Oct 2022 14:38:56 GMT
loading.gif
ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ekapustazajm.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
last-modified
Thu, 16 Jul 2020 14:59:17 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"5f106b45-69a"
content-length
1690
content-type
image/gif
bq_bg.png
ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/images/ 		368 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ekapustazajm.24bank.su/wp-content/themes/ekapustazajm/images/bq_bg.png
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
5941254dbe5da13acc360c8445b488a17faae1fb1a2c1338fdf60769225ecc20

Request headers

:path
/wp-content/themes/ekapustazajm/images/bq_bg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/wp-content/cache/autoptimize/css/autoptimize_365c67e8c163c6ebff2073f0e398a48d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
last-modified
Thu, 16 Jul 2020 14:59:06 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"5f106b3a-170"
content-length
368
content-type
image/png
watch.js
mc.yandex.ru/metrika/ 		128 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
35cab8a3f4129d4ec34ba04a05b078cf48feaf1f1ca88503416ef428790238b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
content-encoding
br
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-b650"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
46672
expires
Thu, 14 Oct 2021 04:26:26 GMT
widget.beegl.js
core.bee.gl/ 		181 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.bee.gl/widget.beegl.js
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.92.100.238 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b311eaf0a3044651d0a0b86908790f9b090b7a25d82c384eaa90e5b12b12e91e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
last-modified
Thursday, 14-Oct-2021 03:26:27 GMT
server
nginx/1.14.0 (Ubuntu)
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
55405
content-type
application/javascript
e-kapusta.jpg
ekapustazajm.24bank.su/wp-content/uploads/2018/09/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ekapustazajm.24bank.su/wp-content/uploads/2018/09/e-kapusta.jpg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
94f77ad5cc709af0619b2fcdf1ef5cf866037fae156e619b781ec3b6c81f66d2

Request headers

:path
/wp-content/uploads/2018/09/e-kapusta.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ekapustazajm.24bank.su
referer
https://ekapustazajm.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:26 GMT
last-modified
Thu, 16 Jul 2020 14:59:06 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"5f106b3a-1a1d8"
content-length
106968
content-type
image/jpeg
css
fonts.googleapis.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
eafe160c631fe12e8295a70b1f984d23fe9a988f47c3768683927c69554e6b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:26:27 GMT
server
ESF
date
Thu, 14 Oct 2021 03:26:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 03:26:27 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99876
x-xss-protection
0
server
cafe
etag
5725214712622718827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 03:26:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 488C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211011/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 21:25:32 GMT
expires
Wed, 27 Oct 2021 21:25:32 GMT
content-type
text/html; charset=UTF-8
etag
414810510046348021
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4645
x-xss-protection
0
age
21655
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ekapustazajm.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
39286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:41 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ekapustazajm.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 03:41:26 GMT
x-content-type-options
nosniff
age
85501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 03:41:26 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ekapustazajm.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:57 GMT
x-content-type-options
nosniff
age
39270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:57 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ekapustazajm.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:23:18 GMT
x-content-type-options
nosniff
age
93789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 01:23:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ekapustazajm.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options
nosniff
age
39282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:45 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9425.ii-4NHV2lD-6tZQ39KXUXxIfF3sqy9Ki56jdJUppqljcJGwteJaK5IsN7klUl4zq.jxIrte3fk3dBNKvOIvWYOwiHHp8%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9425.3HB-Y4eKhTy2CKaLLViCGCZIH-u1V9QJUDADjzuGXd74-pc5ZtPMVhfXGeNk3rEoE1gGUsKE4Q1GPsDLYgjIKA%2C%2C.828Hd3BG9T_y5tO6b9eNTB9jTP4%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9425.3HB-Y4eKhTy2CKaLLViCGCZIH-u1V9QJUDADjzuGXd74-pc5ZtPMVhfXGeNk3rEoE1gGUsKE4Q1GPsDLYgjIKA%2C%2C.828Hd3BG9T_y5tO6b9eNTB9jTP4%2C
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9425.3HB-Y4eKhTy2CKaLLViCGCZIH-u1V9QJUDADjzuGXd74-pc5ZtPMVhfXGeNk3rEoE1gGUsKE4Q1GPsDLYgjIKA%2C%2C.828Hd3BG9T_y5tO6b9eNTB9jTP4%2C
date
Thu, 14 Oct 2021 03:26:27 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ 		199 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ekapustazajm.24bank.su&callback=_gfp_s_&client=ca-pub-1114993438075446
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f3931e1eea6ea15a5b56c00039787d812ea41429a8f0c81ff0cc0a03c9e95823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ekapustazajm.24bank.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ekapustazajm.24bank.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9403 		131 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1634121824&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986893&bpp=4&bdt=382&idt=304&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3046616529035&frm=20&pv=2&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b16a78964ae12528e5e447937d806dc41ce155fbaff4f77cf5a11fcf941a7c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1634121824&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986893&bpp=4&bdt=382&idt=304&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3046616529035&frm=20&pv=2&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Oct 2021 03:26:27 GMT
server
cafe
content-length
32875
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 03:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 03:26:27 GMT
cache-control
private
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 14 Oct 2021 04:26:27 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BA50 		90 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b30ed5fcf3bb68fb5fb8157929bcf82d3ea9df29bff4d983e76a9468ee3a1640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Oct 2021 03:26:27 GMT
server
cafe
content-length
30813
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 03:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 03:26:27 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame FFE3 		136 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
41a50386fcaa2353b4768e9467949668e34e65238d4d3a741c733fec7d574961
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO_w8qb6yPMCFRlB4AodCHgEEw&gqi=Y6NnYZz4HJGw3gPgo6eoDQ&layout=/sadbundle/%24csp%253Der3%24/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO_w8qb6yPMCFRlB4AodCHgEEw&gqi=Y6NnYZz4HJGw3gPgo6eoDQ&layout=/sadbundle/%24csp%253Der3%24/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Oct 2021 03:26:27 GMT
server
cafe
content-length
42836
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 03:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 03:26:27 GMT
cache-control
private
tag.js
mc.yandex.ru/metrika/ 		188 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/widget.beegl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
br
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-10040"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65600
expires
Thu, 14 Oct 2021 04:26:27 GMT
index.html
core.bee.gl/ Frame CBD9 		1 KB
683 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/widget.beegl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.92.100.238 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e2df980c7914227e335304834f8801fe09cfaaac5ea72b119aba7050bd64f8de

Request headers

:method
GET
:authority
core.bee.gl
:scheme
https
:path
/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Thu, 14 Oct 2021 03:26:27 GMT
content-type
text/html
content-length
494
content-encoding
gzip
last-modified
Thursday, 14-Oct-2021 03:26:27 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
1
mc.yandex.com/watch/65665441/
Redirect Chain
  • https://mc.yandex.com/watch/65665441?wmode=7&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbd8xdjs5a54k%3Afp%3A283%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/65665441/1?wmode=7&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbd8xdjs5a54k%3Afp%3A283%3Afu%3A0%3Aen%3Autf...
331 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/65665441/1?wmode=7&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbd8xdjs5a54k%3Afp%3A283%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A816741070574%3Ahid%3A171447890%3Az%3A0%3Ai%3A202101014032627%3Aet%3A1634181987%3Ac%3A1%3Arn%3A78010019%3Arqn%3A1%3Au%3A16341819871019462884%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634181986438%3Adsn%3A19%2C26%2C22%2C1%2C0%2C0%2C%2C313%2C23%2C%2C%2C%2C384%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634181987%3At%3A%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&t=gdpr%2814%29ti%282%29
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
4fb261e1c861553e6f87a58d9e3d8e07517e186e2aec47b7730e264701f61c85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 14-Oct-2021 03:26:27 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:27 GMT
last-modified
Thu, 14-Oct-2021 03:26:27 GMT
location
/watch/65665441/1?wmode=7&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbd8xdjs5a54k%3Afp%3A283%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A816741070574%3Ahid%3A171447890%3Az%3A0%3Ai%3A202101014032627%3Aet%3A1634181987%3Ac%3A1%3Arn%3A78010019%3Arqn%3A1%3Au%3A16341819871019462884%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634181986438%3Adsn%3A19%2C26%2C22%2C1%2C0%2C0%2C%2C313%2C23%2C%2C%2C%2C384%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634181987%3At%3A%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:27 GMT
54551386
mc.yandex.com/watch/ 		350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54551386?wmode=7&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A283%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A0%3Als%3A83586637635%3Ahid%3A171447890%3Az%3A0%3Ai%3A202101014032627%3Aet%3A1634181988%3Ac%3A1%3Arn%3A584914470%3Arqn%3A1%3Au%3A16341819871019462884%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634181986438%3Adsn%3A19%2C26%2C22%2C1%2C0%2C0%2C%2C313%2C23%2C%2C%2C%2C384%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634181988%3At%3A%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
0a607bacc3c9db966cc314d146a1029d2cb5c8939101d17dd93a52b13aa41fb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 14-Oct-2021 03:26:27 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:27 GMT
css
fonts.googleapis.com/ Frame CBD9 		4 KB
620 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600,700&subset=cyrillic
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://core.bee.gl/
Origin
https://core.bee.gl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:26:27 GMT
server
ESF
date
Thu, 14 Oct 2021 03:26:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 03:26:27 GMT
1.cc749f5943bd7419fb1e.css
core.bee.gl/ Frame CBD9 		2 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://core.bee.gl/1.cc749f5943bd7419fb1e.css
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.92.100.238 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
last-modified
Thursday, 14-Oct-2021 03:26:27 GMT
server
nginx/1.14.0 (Ubuntu)
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
803
content-type
text/css
main.cc749f5943bd7419fb1e.css
core.bee.gl/ Frame CBD9 		55 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://core.bee.gl/main.cc749f5943bd7419fb1e.css
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.92.100.238 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2123cece9ec46dedcc185050c9d3aa33137f8304d7235a780ad5e9b46075d84e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
last-modified
Thursday, 14-Oct-2021 03:26:27 GMT
server
nginx/1.14.0 (Ubuntu)
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
27490
content-type
text/css
vendor.fe73a878f99d77ba4073.js
core.bee.gl/ Frame CBD9 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.bee.gl/vendor.fe73a878f99d77ba4073.js
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.92.100.238 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3f684aad7a251139693f26ce62800fb7a25dfcc28e117458a4c355b4c037613

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
last-modified
Thursday, 14-Oct-2021 03:26:27 GMT
server
nginx/1.14.0 (Ubuntu)
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
66397
content-type
application/javascript
bundle.cc749f5943bd7419fb1e.js
core.bee.gl/ Frame CBD9 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.bee.gl/bundle.cc749f5943bd7419fb1e.js
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.92.100.238 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
270ec41eac3531a8a8e0331e1559c454f424139237cfd9879f0aa4ac766ae436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
last-modified
Thursday, 14-Oct-2021 03:26:27 GMT
server
nginx/1.14.0 (Ubuntu)
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
7145
content-type
application/javascript
1
mc.yandex.com/watch/54551386/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54551386/1?page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A0%3Als%3A83586637635%3Ahid%3A171447890%3Az%3A0%3Ai%3A202101014032627%3Aet%3A1634181988%3Ac%3A1%3Arn%3A723614050%3Arqn%3A2%3Au%3A16341819871019462884%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634181986438%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634181988&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekapustazajm.24bank.su/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:27 GMT
last-modified
Thu, 14-Oct-2021 03:26:27 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:27 GMT
430
core.bee.gl/api/v1/platforms/ Frame CBD9 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://core.bee.gl/api/v1/platforms/430
Requested by
Host: core.bee.gl
URL: https://core.bee.gl/vendor.fe73a878f99d77ba4073.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.92.100.238 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
14aca3a4eac5f97115f7dad1a717e1ca488696806e20055d7628f30fbae69c9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
54551386
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54551386?page-url=goal%3A%2F%2Fekapustazajm.24bank.su%2FWIDGET_LOADED&page-ref=https%3A%2F%2Fekapustazajm.24bank.su%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A0%3Als%3A83586637635%3Ahid%3A171447890%3Az%3A0%3Ai%3A202101014032627%3Aet%3A1634181988%3Ac%3A1%3Arn%3A737148908%3Arqn%3A3%3Au%3A16341819871019462884%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634181986438%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634181988%3At%3A%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:27 GMT
last-modified
Thu, 14-Oct-2021 03:26:27 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:27 GMT
truncated
/ 		749 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9682a724855c240af766febd2b38f253c6f23dc8680bc5f9b2ccbc4a36ac46a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		693 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d27c9b772c04136aaa20c82a7af3448ef1b034e66f3d8629024bf2e94057c4f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		605 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9113ca71e278c1bbf5a9b9ef583c69d9aa24c17a0be61ced00180cb1d3881e2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		317 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56abe905cffac220a8f3a3d840a33d03c29525aa5356dab88cf2f3ee07758478

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
P95XNVPMS2rle6xXTk3fEjpc0i6Vd0P0QrxeqFUB.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/P95XNVPMS2rle6xXTk3fEjpc0i6Vd0P0QrxeqFUB.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
95b3cbe92efea6a44d78d59fb4ecee7787f36ed67726bd3f50b7c8c3a64b9202

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 12:35:19 GMT
last-modified
Mon, 17 Feb 2020 15:10:32 GMT
age
53469
etag
"a2b9b8b4e3425ae41437a211706687e0"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
8681
accept-ranges
bytes
x-trans-id
15f4392c339a6ffd
x-timestamp
1581952231.15061
LBBpPBF5nq8rdKohUIoUMpJxI71p3GtXx5zhniLH.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/LBBpPBF5nq8rdKohUIoUMpJxI71p3GtXx5zhniLH.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
ceddd46049e798a3208daa8404fb58f9e57c8873bcd65d512930b287dd8d8044

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 22:37:27 GMT
last-modified
Mon, 17 Feb 2020 12:42:56 GMT
age
17341
etag
"979ed06de7b4fbcc1645f7194525ddbd"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
3257
accept-ranges
bytes
x-trans-id
15f4311e4d6b54ec
x-timestamp
1581943375.34210
Xu1v5AdB28jzqx00jjwEFtNPFwvAlmWqJn5EvC2a.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/Xu1v5AdB28jzqx00jjwEFtNPFwvAlmWqJn5EvC2a.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
76af119439f11064b75e81d4205acecf5ef06165b209ac67dd082407ec4b551b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:35:25 GMT
last-modified
Tue, 18 Feb 2020 10:10:09 GMT
age
75063
etag
"316e58cb21efff380200865f9326d1d9"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
5830
accept-ranges
bytes
x-trans-id
15f4775c6e064449
x-timestamp
1582020608.00272
bRq8S2fLAGnTHHQoeb50Sfc1iACEDVd43yxoTCp9.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/bRq8S2fLAGnTHHQoeb50Sfc1iACEDVd43yxoTCp9.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
1c1b62d0f0afaaa72498c1f95a6bce8db4fd9cc845b173e969dd0b87ed8d24e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:34 GMT
last-modified
Tue, 11 Feb 2020 13:20:44 GMT
age
93654
etag
"2ce81c9ee4c8b147ef0451697aa13b67"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4837
accept-ranges
bytes
x-trans-id
15f25bb314de5fe7
x-timestamp
1581427243.87710
ZLjvDALNlkiQy2v9RyWx9ebNbgVb3zpEvyygONKD.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/ZLjvDALNlkiQy2v9RyWx9ebNbgVb3zpEvyygONKD.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
ea1a9f0adcea63a685834433f175b8646d4074205a011bc0f78b4d46763aef17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:14:19 GMT
last-modified
Tue, 18 Feb 2020 09:36:29 GMT
age
58329
etag
"5ee56f6e9a2670d52fee3256bd67a74f"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
3295
accept-ranges
bytes
x-trans-id
15f4758645593435
x-timestamp
1582018588.68828
dwcvJmgPv9dnf93GREaZHjKNCkKZhLXpNF3b5R4B.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/dwcvJmgPv9dnf93GREaZHjKNCkKZhLXpNF3b5R4B.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
2fd5c0c5fc8435f8c67b855ba2b9c0cf259c120e2cdc887f1b38d66b57687817

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:55:31 GMT
last-modified
Mon, 17 Feb 2020 15:21:32 GMT
age
55857
etag
"9f13892a1c202e8c65545d741bb0fc72"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4484
accept-ranges
bytes
x-trans-id
15f439c5dbdf6b02
x-timestamp
1581952891.09742
eB9w8Hi2HyoFFevO9Ql8VyGzX12SRVUGiFWltsF1.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/eB9w8Hi2HyoFFevO9Ql8VyGzX12SRVUGiFWltsF1.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
c6023a1e947bd55c70c83fd92774ed45c0eccbd580f0899e3c0ac6bcab28e5f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 12:05:05 GMT
last-modified
Mon, 17 Feb 2020 14:21:45 GMT
age
55283
etag
"fdaa27ffaa7ea888dc70617078cc50b5"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4458
accept-ranges
bytes
x-trans-id
15f43682b3b494a2
x-timestamp
1581949304.12279
89oaMfcolz4lDNoJJLbIHZVdU49eQSX4x9S6YaR8.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/89oaMfcolz4lDNoJJLbIHZVdU49eQSX4x9S6YaR8.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
c63c45fbf5be557da8f5f8639546cd05a0315d4f030f327373676c7288ab7593

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 10:50:17 GMT
last-modified
Wed, 12 Feb 2020 09:46:00 GMT
age
59771
etag
"2e6a826ca5b55026311ef17ec8021448"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4125
accept-ranges
bytes
x-trans-id
15f29e8fb8565dc6
x-timestamp
1581500759.27482
6VavHzxz2ufopoLVrENUU6cfHuFST8FVehYrrbjT.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/6VavHzxz2ufopoLVrENUU6cfHuFST8FVehYrrbjT.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
9b08bda5e8385578d22177a86da3dc0e9d30f4d07a65ccdd1515c73899a99cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:03:29 GMT
last-modified
Wed, 12 Feb 2020 09:22:36 GMT
age
37379
etag
"7d0dc03191d192cac9c798aab9f3aff2"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
6877
accept-ranges
bytes
x-trans-id
15f29d48ce52d7ed
x-timestamp
1581499355.19024
SsWPBMu9TOCRzWgjmlfXHjMKCaXR9VdYbPfWkWIp.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/SsWPBMu9TOCRzWgjmlfXHjMKCaXR9VdYbPfWkWIp.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
05b490b45b06c3c4f5eec83830f313be90d2d7f65f10b2ae422549fcbc0ec5ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:19:11 GMT
last-modified
Wed, 12 Feb 2020 13:16:07 GMT
age
11237
etag
"bd4413355dc4457858bb55297770b4a5"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
3232
accept-ranges
bytes
x-trans-id
15f2aa06fcbe2caf
x-timestamp
1581513366.17867
l9XToZ54o6aGdhtCgicB4Iok4RxuY1mCclKLg7xG.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/l9XToZ54o6aGdhtCgicB4Iok4RxuY1mCclKLg7xG.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
a0e1d00234de24de2a21abafa73f511b98539110c88b08ffb3dfe90a9e9c0dc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 14:06:41 GMT
last-modified
Thu, 13 Feb 2020 13:50:50 GMT
age
47987
etag
"a07147e2d60caa86e6ed43d1137daa6e"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
3266
accept-ranges
bytes
x-trans-id
15f2fa80a73f218e
x-timestamp
1581601849.67998
BYStvLBiDiOUw3HyQbpR8rWGLQP8JKiHSwXe0MWp.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/BYStvLBiDiOUw3HyQbpR8rWGLQP8JKiHSwXe0MWp.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
1d46088822673f396e2f4aa11b59b1b662192c57cefc253b56418a2e79b3cf34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:59:23 GMT
last-modified
Tue, 18 Feb 2020 12:25:49 GMT
age
55625
etag
"7510d1053623340cdcf4b179b51826ba"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
1572
accept-ranges
bytes
x-trans-id
15f47ec3aef31a55
x-timestamp
1582028748.11395
UfoRWJYxcnksuTBsqFM3HccdzNUmK8uc8Aczm8v3.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/UfoRWJYxcnksuTBsqFM3HccdzNUmK8uc8Aczm8v3.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
ff06fb1a2c0b1ee0a556df35453503834b2f8cf6b79914b6581724403074aa23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 21:31:28 GMT
last-modified
Fri, 16 Oct 2020 14:53:48 GMT
age
21300
etag
"01ad907a027806c01653cf3afef0f380"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
2905
accept-ranges
bytes
x-trans-id
163e80b3d77aa046
x-timestamp
1602860027.29759
8fQfDXVGLZVAL5YQKurKwTILUaY1aKm3EMXDhjTA.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/8fQfDXVGLZVAL5YQKurKwTILUaY1aKm3EMXDhjTA.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
b872973d37fb399644413211d58d0aef96f76e5f7b29d36f643055fcbf251953

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 00:11:25 GMT
last-modified
Mon, 17 Feb 2020 13:27:36 GMT
age
98103
etag
"b52fb7c8daddb7d54672864bf3d57124"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4434
accept-ranges
bytes
x-trans-id
15f4338e6698fd06
x-timestamp
1581946055.81721
3X8AC6ehYjCh3RLCCGKpjduyko0hHMnW7Gm78a51.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/3X8AC6ehYjCh3RLCCGKpjduyko0hHMnW7Gm78a51.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
99d3120abef99afd220a119a71b162cd13c85d4047bb4b291d7bf02510128c7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:01:38 GMT
last-modified
Mon, 17 Feb 2020 12:08:41 GMT
age
51890
etag
"0189cc25dbba271d47adc95ff12d5eb0"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
3569
accept-ranges
bytes
x-trans-id
15f42f3fe831d5b4
x-timestamp
1581941320.66090
s0khzOue3r0tASoVasK1iCBulSf1R2EsgaQRTtuF.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/s0khzOue3r0tASoVasK1iCBulSf1R2EsgaQRTtuF.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
0ef341168e500646ff2db05379b6056f7cb58cfb64c9e70ca3c2c3dd908f3d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:28:40 GMT
last-modified
Tue, 18 Feb 2020 12:33:51 GMT
age
50268
etag
"46144f6077ccc93eadf5f76c00be1ab9"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4559
accept-ranges
bytes
x-trans-id
15f47f33f90b30b8
x-timestamp
1582029230.31821
kciJBgbUPPR4ztfVsjD0AXSDl9uJxSpoAshTbT5o.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/kciJBgbUPPR4ztfVsjD0AXSDl9uJxSpoAshTbT5o.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
fdbbb2f86aad43b5ecffd6704cea37cd9457cba6d80f70138816708cb4e054f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:11:40 GMT
last-modified
Thu, 20 Feb 2020 10:14:52 GMT
age
51288
etag
"38b510f8632572d475110ef958e267b4"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
1087
accept-ranges
bytes
x-trans-id
15f514c78a84525c
x-timestamp
1582193691.35173
jPYllYMC097RRwNj04f2iLuts8Ez5dpOopr9V1jo.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		650 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/jPYllYMC097RRwNj04f2iLuts8Ez5dpOopr9V1jo.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
06d864f3caca02cd885235987d417f73097080071638536046e893b146b28667

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:41:51 GMT
last-modified
Thu, 13 Feb 2020 09:49:45 GMT
age
63877
etag
"85e8a04489e981bd8351033d0d906437"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
650
accept-ranges
bytes
x-trans-id
15f2ed58c1bbed10
x-timestamp
1581587384.62848
DkMLgbS0XyeUAkXd6WYdv7pM435WyGpn3k1WNoSg.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/DkMLgbS0XyeUAkXd6WYdv7pM435WyGpn3k1WNoSg.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
2e3ac1613a2b1925a8a1bb40e020a20a467317ea0eb00332d300d0eeb116e377

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:26:37 GMT
last-modified
Mon, 17 Feb 2020 14:46:46 GMT
age
39591
etag
"eea114f324530993bdcfed6a81013838"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
5849
accept-ranges
bytes
x-trans-id
15f437e0315e6ff1
x-timestamp
1581950805.15922
5XyLILYWOMfm31GXTIBnAVRa67TpdxI4Xd9V7zI1.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/5XyLILYWOMfm31GXTIBnAVRa67TpdxI4Xd9V7zI1.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
3deaede57a187d3950ac48f49081371b953e009038c2d39d2039388834536ce5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:28:17 GMT
last-modified
Thu, 03 Jun 2021 11:03:41 GMT
age
28691
etag
"35472c76b873d2eb381925032b2c8ba8"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
2432
accept-ranges
bytes
x-trans-id
16850d9fa7904cf3
x-timestamp
1622718220.11133
7wkxBJFPxAYtzkhVqQXD0zexEFshg5oldTs0PSGz.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/7wkxBJFPxAYtzkhVqQXD0zexEFshg5oldTs0PSGz.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
6ee1308ac3c9a65a4de8c80a32673e55cbff4aacaaf3fb9b494422d8ac127e6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 21:14:21 GMT
last-modified
Mon, 17 Feb 2020 15:04:54 GMT
age
22327
etag
"e4222ea43ab5431701f303f540482a33"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
2595
accept-ranges
bytes
x-trans-id
15f438dd8ea74559
x-timestamp
1581951893.35540
wjRADIARfvSljqTSXqAtHz82CnlzKfg3wTakWV5D.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/wjRADIARfvSljqTSXqAtHz82CnlzKfg3wTakWV5D.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
ecf3b71e829e2fcdf38156e23d0398e6d9061cf450a63efc29c868683e34614e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:50:17 GMT
last-modified
Mon, 14 Sep 2020 13:54:00 GMT
age
38171
etag
"62e45bf9c1103c4ecbad4eecd1ef6577"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
1761
accept-ranges
bytes
x-trans-id
1634aade659b5698
x-timestamp
1600091639.82402
junEptgTyO48GUZQ7wiahD4IruqQ0sG5so4JDibJ.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/junEptgTyO48GUZQ7wiahD4IruqQ0sG5so4JDibJ.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
f85c0c31350a1cd2211ee943ec3c3cffb448e2afba73d3875807a85df3093a41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:34:07 GMT
last-modified
Thu, 13 Feb 2020 13:52:35 GMT
age
35541
etag
"5947e001845cbf6cfd823914c69b790c"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
3275
accept-ranges
bytes
x-trans-id
15f2fa990e6b1721
x-timestamp
1581601954.45530
vhF3Uoz5YDgyeWqWbEHVTj36vcfQW3TlIs3tT3JT.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/vhF3Uoz5YDgyeWqWbEHVTj36vcfQW3TlIs3tT3JT.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
d331e00dd14b917d5120a6ac7b95977c10535a013f2c10d2c0f5250cda8821b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:33:32 GMT
last-modified
Tue, 18 Feb 2020 09:47:20 GMT
age
57176
etag
"1a0d3a611df92c90717fe6e4ec511e47"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4665
accept-ranges
bytes
x-trans-id
15f4761dd35f5869
x-timestamp
1582019239.59509
8VHTcKYwnkzqJKElniVW77NNRb2dQGaITBUduvOm.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/8VHTcKYwnkzqJKElniVW77NNRb2dQGaITBUduvOm.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
cbb5349b02742a66e9b83823d63ef9adda4cadaff1924e05679cdb9341afe62f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:32:49 GMT
last-modified
Mon, 17 Feb 2020 14:37:56 GMT
age
57219
etag
"f5c6bc73d8c11966e9a60b93ea5ed115"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
4185
accept-ranges
bytes
x-trans-id
15f43764edc72da3
x-timestamp
1581950275.75931
xmZKGCgbzulKQgEMIgkhzY1EBPfIhnlpqvSjunfs.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/xmZKGCgbzulKQgEMIgkhzY1EBPfIhnlpqvSjunfs.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
1fa514a1b9e3364e81a23f10c849f9b33c4862af84da9c039dd76cac0370ea72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:45:24 GMT
last-modified
Mon, 17 Feb 2020 15:37:40 GMT
age
49264
etag
"29f6c07922f0f4e0627d9c9ba344ee0f"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
771
accept-ranges
bytes
x-trans-id
15f43aa76f06745b
x-timestamp
1581953859.94622
TulGrys6ydaQD9FN9MsxXvxmSlkoTAfRp0ByCKGP.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/TulGrys6ydaQD9FN9MsxXvxmSlkoTAfRp0ByCKGP.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
17ac751b43933a9b01995bda136a278c0de836faaa037f4b018a53a3a239f8db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 05:23:25 GMT
last-modified
Mon, 17 Feb 2020 14:13:22 GMT
age
79383
etag
"7f2a483f1c7e2c1376db83b92062394c"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
11009
accept-ranges
bytes
x-trans-id
15f4360d99e33011
x-timestamp
1581948801.16672
uiBS6SPb59is3laNIQ7Jd9PPhhLGwC9oOgl7pgUN.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/uiBS6SPb59is3laNIQ7Jd9PPhhLGwC9oOgl7pgUN.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
c8152ef8b4cfe7866d981f965db2ac14271523b9563b93521350185e9b1dc0c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 15:52:40 GMT
last-modified
Tue, 18 Feb 2020 12:28:29 GMT
age
41628
etag
"cd9c5557690fa142e2d4a6f3796f6989"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
1598
accept-ranges
bytes
x-trans-id
15f47ee916bc6619
x-timestamp
1582028908.70567
tkxzbWyIVm0CclCEabEYAEsRhoZBA98t8tjKuiSk.svg
133921.selcdn.ru/staging_cpashka/offer-details/logos/ Frame CBD9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://133921.selcdn.ru/staging_cpashka/offer-details/logos/tkxzbWyIVm0CclCEabEYAEsRhoZBA98t8tjKuiSk.svg
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.53.68.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
99d3120abef99afd220a119a71b162cd13c85d4047bb4b291d7bf02510128c7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.bee.gl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:23:19 GMT
last-modified
Tue, 16 Jun 2020 13:46:51 GMT
age
189
etag
"0189cc25dbba271d47adc95ff12d5eb0"
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Access-Control-Allow-Methods, Access-Control-Allow-Origin
content-length
3569
accept-ranges
bytes
x-trans-id
16190a3f4b248766
x-timestamp
1592315210.22484
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/reactive_library_fy2019.js?bust=31063101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3a9fde73ab4eed86a484b3ddb02e285cead10a46c95d7915c2ff9a490a711a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52637
x-xss-protection
0
server
cafe
etag
6817435743625754192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 03:26:28 GMT
e8e197e378ee874e03267c2064571e79.js
www.gstatic.com/mysidia/ Frame BA50 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e8e197e378ee874e03267c2064571e79.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
7ce8fde1e19d45e140ba1f2e2756d7e564eb85c8888cc49547ee6a7cf87bc081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 07:44:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3152
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 05:48:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 05 Jan 2022 07:44:32 GMT
6cfce8a19e8436dfedf3d88a9491c013.js
www.gstatic.com/mysidia/ Frame BA50 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6cfce8a19e8436dfedf3d88a9491c013.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
9ecb912e3d60eed3050ca2825ff8dc7796d86154539d1c0c8a5d819430c5b9db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 07:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3411
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 05:48:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 05 Jan 2022 07:44:39 GMT
css
fonts.googleapis.com/ Frame BA50 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:51:08 GMT
server
ESF
date
Thu, 14 Oct 2021 03:26:28 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 03:26:28 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame BA50 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:12:35 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame BA50 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2716
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 02:41:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame BA50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:13:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA50 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 03:26:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame BA50 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:14:27 GMT
94b9e9edb15b7c220f12fa63d878a5af.js
www.gstatic.com/mysidia/ Frame BA50 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11213
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 05:48:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 10 Jan 2022 11:08:32 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ekapustazajm.24bank.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 03:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ekapustazajm.24bank.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 03:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame D942 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 21:28:04 GMT
expires
Wed, 27 Oct 2021 21:28:04 GMT
content-type
text/html; charset=UTF-8
etag
414810510046348021
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4645
x-xss-protection
0
age
21504
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DISPLAY_DE970_x250.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/ Frame D13D 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
c97d9cbf4dfbc061188016f630c62cc7f93e89c3e275561e244b94fcbe5bc17c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
1285
date
Mon, 11 Oct 2021 23:26:57 GMT
expires
Tue, 11 Oct 2022 23:26:57 GMT
last-modified
Fri, 06 Aug 2021 12:33:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
187171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame D1F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgqdkY6NnYa-zHZmCgQeI8JGYAcuk2t5lhevAkowO9JDI-5oCEAEgtLj-ImCV4pCCoAegAc_l99UDyAEJqQJUtRUXrHOzPqgDAcgDSKoE1QFP0ECp7xiix-33mldLG0PB9TpO-IvUXVt5Q-78xyRvp7he80Mlggc_3vN979voaTJBERAVLXuB3elL44t0wevq41JCNw8OTvBz-IaQilA7UjzDJ-CiLDofEvjdk-rcMCZm33PLDLAsBUwsdl8YW8gCsNpNdPRAd1W9Z63kUphZhG9fh6hdNp1bsebK5kBMUAekpbzVohHkyFumrqNjB8qXJx63kE_n2AkVnZy8ffiGXkz9oF3cMP4ur7kLHDfmJ1nna95ls6xLIgk8-zBUth1Jv-hzKVTABP2a9_vTA5IFBAgEGAGSBQQIBRgEoAYugAeZmogqqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBRCenLID0ggJCIDhgBAQARhfgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTExMTQ5OTM0MzgwNzU0NDYYAA&sigh=jJbNCjoXfB8&template_id=419
Requested by
Host: ekapustazajm.24bank.su
URL: https://ekapustazajm.24bank.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 14 Oct 2021 03:26:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 14 Oct 2021 03:26:28 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame D1F5 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2716
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 02:41:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame D1F5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:13:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D1F5 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 03:26:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame D1F5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:14:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BA50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbDQWY6NnYabDGo_IgAeFwIW4Cfjb2d1lpMzgtcoOxYDw1OgfEAEgtLj-ImCV4pCCoAegAbLH0f0CyAEBqQJo8dumZ3WzPqgDAcgDywSqBNMBT9CY2OsSK8vWog-h_chGKJuDZ3YsJ3TjNXosVVssKNyMSBJhHnURTXgWpLOxKTWezXhPh_I08RZOVdLvvblFc_ZZRVIdA5pXaqZuDtJiJJViX5lqV-MR5us_KGojtDcx8fsXWz5s2C4oSCdbE3_p68VVLemHd9rXY22kHHOWIytm4FMw36Lh92yWCsV8gPBL2eqqYo4nwp1d6GalsvD9BiQY9D4O2JGO5vCbKekpvWFwWwgarCsdFEJ4PvuZOdFDt0Vx-IAOYlt6F5q1cqm6ouqMgcAE-uf71OgDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB7z9weQBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBD31AfSCAkIgOGAEBABGF-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMTExNDk5MzQzODA3NTQ0NhgA&sigh=ukVbFbPe1gY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 14 Oct 2021 03:26:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 30FD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmiKyJg6niKwj4-qjQlBrtwQxEOFoEFOPAoSjb-XMAicZV-M0TW1_ssPfMoJeY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 02:35:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3032
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BA50 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f88a6604b472cbc08f37e02fd334c529e000255eabf2ceaa2eda41f30e575dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1B62 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmiKyJg6niKwj4-qjQlBrtwQxEOFoEFOPAoSjb-XMAicZV-M0TW1_ssPfMoJeY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 02:35:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3032
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D1F5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
681a426fc4f3ca87d6731e9a0640cc4fd1f0bc2765b8654c0e1bba50370320a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ Frame D942 		4 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:47:14 GMT
server
ESF
date
Thu, 14 Oct 2021 03:26:29 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 03:26:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D942 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:46:14 GMT
x-content-type-options
nosniff
age
74415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Oct 2022 06:46:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D942 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 00:41:57 GMT
x-content-type-options
nosniff
age
355472
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 10 Oct 2022 00:41:57 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame D942 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:24:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7792
x-xss-protection
0
server
cafe
etag
11501120118990840405
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:24:25 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D13D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 14 Oct 2021 13:46:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D13D 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 14 Oct 2021 13:46:49 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D13D 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 03:26:29 GMT
DISPLAY_DE970_x250.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/ Frame D13D 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/DISPLAY_DE970_x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
346c65a60537ef3e0044a48027ab3bb6b0325c5700fe2f231e15f5e95185ecbe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
187170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6942
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 12:33:45 GMT
server
sffe
date
Mon, 11 Oct 2021 23:26:59 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Oct 2022 23:26:59 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BA50 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options
nosniff
age
200400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 19:46:29 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BA50 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options
nosniff
age
205503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 18:21:26 GMT
css
fonts.googleapis.com/ Frame 648E 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 01:51:26 GMT
server
ESF
date
Thu, 14 Oct 2021 03:26:29 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 03:26:29 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 648E 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:12:35 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 648E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 02:41:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 648E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:13:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 648E 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 03:26:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 648E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 03:14:27 GMT
94b9e9edb15b7c220f12fa63d878a5af.js
www.gstatic.com/mysidia/ Frame 648E 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11213
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 05:48:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 10 Jan 2022 11:08:32 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 30FD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmiKyJg6niKwj4-qjQlBrtwQxEOFoEFOPAoSjb-XMAicZV-M0TW1_ssPfMoJeY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 03:26:29 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 14-Oct-2021 04:26:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 03:26:29 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 03:26:29 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1B62
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmiKyJg6niKwj4-qjQlBrtwQxEOFoEFOPAoSjb-XMAicZV-M0TW1_ssPfMoJeY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 03:26:29 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 14-Oct-2021 04:26:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 03:26:29 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 03:26:29 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 084E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmiKyJg6niKwj4-qjQlBrtwQxEOFoEFOPAoSjb-XMAicZV-M0TW1_ssPfMoJeY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 02:35:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3032
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BAZARDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/images/ Frame D13D 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/images/BAZARDE.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
ea7495ad729c0a20509d15ef8d5e035c98bfa13661b5274ffa320ecef1c71717
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
187170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51402
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 12:33:45 GMT
server
sffe
date
Mon, 11 Oct 2021 23:26:59 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Oct 2022 23:26:59 GMT
logoletzgetzpngcopy.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/images/ Frame D13D 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7245452868610477129/BAZARde_970x250/images/logoletzgetzpngcopy.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2418749058&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986902&bpp=1&bdt=391&idt=454&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BovV0NvV64&p=https%3A//ekapustazajm.24bank.su&dtd=463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
4310833cd358979397a33d4aa6843efb6db7f0928fb304135b111dff0e5e7768
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
187169
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18824
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 12:33:45 GMT
server
sffe
date
Mon, 11 Oct 2021 23:27:00 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Oct 2022 23:27:00 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame D13D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
143115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 37AF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634121824&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fekapustazajm.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634181986898&bpp=4&bdt=387&idt=389&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3046616529035&frm=20&pv=1&ga_vid=735474882.1634181987&ga_sid=1634181987&ga_hid=1013140846&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31063101%2C31062525&oid=2&pvsid=303080892745025&pem=849&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RTRQPgwWrw&p=https%3A//ekapustazajm.24bank.su&dtd=427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
143115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3b47e6058c0e62893050483092c57943b2134670474d4ee2cfedf6fae63a3983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 03:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8465
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 084E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmiKyJg6niKwj4-qjQlBrtwQxEOFoEFOPAoSjb-XMAicZV-M0TW1_ssPfMoJeY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 03:26:30 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 14-Oct-2021 04:26:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 03:26:30 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 03:26:30 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		991 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9356eaceae5dda50b115780e1f23140c7ff7f02483e5098c57f0ffeeb41ab267

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=ekapustazajm.24bank.su&bust=31063101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 03:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 14 Oct 2021 03:26:30 GMT
54551386
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/54551386?wmode=0&wv-part=1&wv-hit=171447890&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&rn=848892858&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1634181991%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014032630%3Au%3A16341819871019462884%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634181991&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekapustazajm.24bank.su/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:30 GMT
last-modified
Thu, 14-Oct-2021 03:26:30 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F166 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 13 Oct 2021 19:06:00 GMT
expires
Thu, 13 Oct 2022 19:06:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
30030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D89B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
2be77d02de0ab3601d08e4ebbaa2cb659d4acfd18e5c223c69de93263fd78bf4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2I3xqShxrPVLTQreHUxrzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ekapustazajm.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 14 Oct 2021 03:26:30 GMT
date
Thu, 14 Oct 2021 03:26:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-2I3xqShxrPVLTQreHUxrzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame D89B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=303080892745025&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame F166 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
143116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BA50 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvk3soAxN08ggDX9ygaQoUh7NAUL0DuoZ60EwgSSsDbLLsvRKg_8DMNU5o4FCyZ8Tf9yLkw5udJ4nEQ6MGfkT465aDncALxKJYRVX8ON9wLb7_eEx0uow&sai=AMfl-YRsu-_21gVBLZwnOPl77YE_vimzoVARmEV5F4_7B6umzgxZS6q9KBXQ8dlRnclHhc7kj0jrqqQ04NWi&sig=Cg0ArKJSzMG2R4bBIfUjEAE&id=lidar2&mcvt=1018&p=0,0,280,680&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1829738629&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634181987326&rpt=2460&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=303080892745025&bg=!7-yl7KjNAAbGFvHlxhY7ACkAdvg8WurGbZzwbeTnM2EGtBagdCgyGpFK4s6ggyMZEO70Khc9PCs3gwIAAAH8UgAAABJoAQcKAEB7UXgEk9KIGkjQ8y7Zu0O70ffaqHdY7nYRZBFk3hZ4IB1xJlfTHT2ZL50cf7LQTH7zr9KK6tPQ4OSHgxugSlWdmQK7T7MboQA3V96y8wLidEQ9-6uT_hlrtsiJ-htxuN_66ZLc2SSYZCR8LygFD6qj3PDg_QuPZ1JFDINUfWxZtnhqfIJHq8A0AWZxFKxPQPMauzmpJFY1gTMG8_g7L8j_qs31JuUdaiBj8IJ_wT3xY-e5e2bNn_vRnJDooBbhklIZOjfDwbf26-I8BP4Y6L3_EBdjF65K2K8YirC_OLYxY6L7TCyq9oZhuiUqvszEgTzL4zPMdH7luuvYsRZj9b410Tgo0QBQIVdQ7CYXH73OfcYnzNq7YlmyhUzveC563fVWDgVVeY-u9Van0a40GMOUH7-FK0fIgaEn1HU_FpBo_nkvpdFSfNOqBphHOZoxb7_R7YeibZLpdAn8Qq2GuZMBY13kBlUXs0QsR6L3WI5Ww4B1H9g3V0BHuDnmvWdqFeI-lGi_rwYhj79thpktc8AO-w_8CtPgyoAZrLUlZYJRIKuW9SI0KrpmwE9FRFwJj5KDWK9jzAxmyefTQEr35TfdTsvVFfkadx-rspEVA3suJDo8j21EuAnV0WcifgfFyhuz477_IsrA8ZDX_thBS0ROo-Hhbdzc37e4WQQZtCEKSjd7vz_9B8HadAeQaRyGvI-pI5KdkZ0jMQEX7WtVG84uB3bbqG0Owl6TPEtyJSW2GX4tq4n916AS5XgQ-xj3u5MQtK6oddSM-etRJyJFKLv-9eDGJ1m0J24UVc_xgF4Lg1bTjK2OGATyB0tzscGTMZ85iaYdp9veI4N5ZpID0SDNWHTEmRqENPeJqDl4HWdZY0PO6PwghioL7XdaidxZJpiQB3f8cgIRCUgOFtmH3YLrCP_Eq038rpd8M6VRlBjmxuGgZ-aLEECmLk1yCaTbCZWtKdwH4MmAZyBQRHSBXzTOM32BTCiOMhEiW4lupUjpyboF94nv6r0NPPIBQNwW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekapustazajm.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
54551386
mc.yandex.com/webvisor/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/54551386?wmode=0&wv-part=1&wv-hit=171447890&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&rn=81907598&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634181991%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014032631%3Au%3A16341819871019462884%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634181991&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekapustazajm.24bank.su/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:31 GMT
last-modified
Thu, 14-Oct-2021 03:26:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:31 GMT
54551386
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/54551386?wmode=0&wv-part=2&wv-hit=171447890&page-url=https%3A%2F%2Fekapustazajm.24bank.su%2F&rn=411970778&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634181993%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014032632%3Au%3A16341819871019462884%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634181993&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekapustazajm.24bank.su/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 03:26:32 GMT
last-modified
Thu, 14-Oct-2021 03:26:32 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ekapustazajm.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 03:26:32 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| WebFontConfig function| $ function| jQuery object| pseudo_links object| sbmt object| npt object| d function| __ksinit object| tocplus function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar object| a3_lazyload_params object| a3_lazyload_extend_params object| jQuery1111010459942156477764 object| beegl_widgets object| adsbygoogle object| WebFont function| jsCeGD3xOjISxJyED object| i7edcc object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| Ya object| yaCounter65665441 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| ym object| Beegl object| beeglID430 object| yaCounter54551386 object| google_llp object| googletag object| ZZFISEaEFXx object| CM2t817NpM object| s6WFO7 object| awzRJ5RcO object| wOnA object| Lu8VSC271m object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.24bank.su/ Name: _ym_uid
Value: 16341819871019462884
.24bank.su/ Name: _ym_d
Value: 1634181987
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1823014971fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3105766246fake
.24bank.su/ Name: _ym_isad
Value: 2
.24bank.su/ Name: __gads
Value: ID=f14bae4ae598cc0e-2202cd60f6ca0053:T=1634181987:RT=1634181987:S=ALNI_MYuxgIw3RlykJdkU4xPoedsVmnoaQ
.yandex.com/ Name: yandexuid
Value: 5207962831634181987
.yandex.com/ Name: yuidss
Value: 5207962831634181987
mc.yandex.com/ Name: yabs-sid
Value: 630683361634181987
.yandex.com/ Name: i
Value: ChsN8ihV0hZWDWv9gnoAEGXnGQToCXNGoANT8GHvZIjZQLkTJuo7W3Nf+GcSKI5a8+u2elRprXR26nwQO/BpjK27uMc=
.yandex.com/ Name: ymex
Value: 1665717987.yrts.1634181987#1665717987.yrtsi.1634181987
.24bank.su/ Name: _ym_visorc
Value: w
.doubleclick.net/ Name: IDE
Value: AHWqTUmiKyJg6niKwj4-qjQlBrtwQxEOFoEFOPAoSjb-XMAicZV-M0TW1_ssPfMoJeY
.doubleclick.net/ Name: DSID
Value: NO_DATA

4 Console Messages

Source Level URL
Text
rendering error
Message:
Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9425.3HB-Y4eKhTy2CKaLLViCGCZIH-u1V9QJUDADjzuGXd74-pc5ZtPMVhfXGeNk3rEoE1gGUsKE4Q1GPsDLYgjIKA%2C%2C.828Hd3BG9T_y5tO6b9eNTB9jTP4%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other error URL: https://ekapustazajm.24bank.su/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript warning URL: https://core.bee.gl/index.html?pageTitle=%D0%95-%D0%BA%D0%B0%D0%BF%D1%83%D1%81%D1%82%D0%B0%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20ekapusta%20ru&beeglID=430&ref=N%2FA&po=https%3A%2F%2Fekapustazajm.24bank.su&expandBtn=true
Message:
The resource https://fonts.googleapis.com/css?family=Roboto:400,600,700&subset=cyrillic was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

133921.selcdn.ru
adservice.google.com
adservice.google.de
ajax.googleapis.com
allstat-pp.ru
core.bee.gl
ekapustazajm.24bank.su
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
138.201.66.95
142.250.184.194
142.250.184.226
142.250.185.130
142.250.185.161
142.250.185.170
142.250.185.195
142.250.185.228
142.250.185.66
142.250.185.70
142.250.186.106
142.250.186.162
142.250.186.35
142.250.186.98
212.92.100.238
87.250.251.119
92.38.252.165
92.53.68.202
05b490b45b06c3c4f5eec83830f313be90d2d7f65f10b2ae422549fcbc0ec5ff
06d864f3caca02cd885235987d417f73097080071638536046e893b146b28667
0a607bacc3c9db966cc314d146a1029d2cb5c8939101d17dd93a52b13aa41fb1
0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ef341168e500646ff2db05379b6056f7cb58cfb64c9e70ca3c2c3dd908f3d54
10c86b787eec802ee5cad865137e429228f7be0f15444e656e8ca84d933c3a46
14aca3a4eac5f97115f7dad1a717e1ca488696806e20055d7628f30fbae69c9c
17ac751b43933a9b01995bda136a278c0de836faaa037f4b018a53a3a239f8db
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1c1b62d0f0afaaa72498c1f95a6bce8db4fd9cc845b173e969dd0b87ed8d24e1
1c674b43278c242be73f024b21976becf88bb6e5435eed75e5789e20a3d9cda1
1d46088822673f396e2f4aa11b59b1b662192c57cefc253b56418a2e79b3cf34
1fa514a1b9e3364e81a23f10c849f9b33c4862af84da9c039dd76cac0370ea72
2123cece9ec46dedcc185050c9d3aa33137f8304d7235a780ad5e9b46075d84e
270ec41eac3531a8a8e0331e1559c454f424139237cfd9879f0aa4ac766ae436
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
2a79aa7ef0b72622fdc1e0018720150c808b289e7c0a2716a3e58b2a84b1d675
2be77d02de0ab3601d08e4ebbaa2cb659d4acfd18e5c223c69de93263fd78bf4
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2e3ac1613a2b1925a8a1bb40e020a20a467317ea0eb00332d300d0eeb116e377
2fd5c0c5fc8435f8c67b855ba2b9c0cf259c120e2cdc887f1b38d66b57687817
2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
346c65a60537ef3e0044a48027ab3bb6b0325c5700fe2f231e15f5e95185ecbe
35cab8a3f4129d4ec34ba04a05b078cf48feaf1f1ca88503416ef428790238b6
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
3b47e6058c0e62893050483092c57943b2134670474d4ee2cfedf6fae63a3983
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
3deaede57a187d3950ac48f49081371b953e009038c2d39d2039388834536ce5
41a50386fcaa2353b4768e9467949668e34e65238d4d3a741c733fec7d574961
4310833cd358979397a33d4aa6843efb6db7f0928fb304135b111dff0e5e7768
46b047af9c590cf86b60f5484f44fcfaa90faca0ff79f37133f612d8066eafff
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb261e1c861553e6f87a58d9e3d8e07517e186e2aec47b7730e264701f61c85
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
56abe905cffac220a8f3a3d840a33d03c29525aa5356dab88cf2f3ee07758478
5941254dbe5da13acc360c8445b488a17faae1fb1a2c1338fdf60769225ecc20
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f88a6604b472cbc08f37e02fd334c529e000255eabf2ceaa2eda41f30e575dc
611231d7d6bc23accc6e582026e3af1300e8360effa57b00656de22a1587f6f8
681a426fc4f3ca87d6731e9a0640cc4fd1f0bc2765b8654c0e1bba50370320a7
69501c1f3e5d97cec91d6806bfae53d41490e2eb4a18ba5417fdb71df084d7e9
6ee1308ac3c9a65a4de8c80a32673e55cbff4aacaaf3fb9b494422d8ac127e6d
76af119439f11064b75e81d4205acecf5ef06165b209ac67dd082407ec4b551b
7ce8fde1e19d45e140ba1f2e2756d7e564eb85c8888cc49547ee6a7cf87bc081
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
9113ca71e278c1bbf5a9b9ef583c69d9aa24c17a0be61ced00180cb1d3881e2a
9356eaceae5dda50b115780e1f23140c7ff7f02483e5098c57f0ffeeb41ab267
94f77ad5cc709af0619b2fcdf1ef5cf866037fae156e619b781ec3b6c81f66d2
95b3cbe92efea6a44d78d59fb4ecee7787f36ed67726bd3f50b7c8c3a64b9202
9682a724855c240af766febd2b38f253c6f23dc8680bc5f9b2ccbc4a36ac46a7
99d3120abef99afd220a119a71b162cd13c85d4047bb4b291d7bf02510128c7f
9b08bda5e8385578d22177a86da3dc0e9d30f4d07a65ccdd1515c73899a99cbd
9ecb912e3d60eed3050ca2825ff8dc7796d86154539d1c0c8a5d819430c5b9db
a0e1d00234de24de2a21abafa73f511b98539110c88b08ffb3dfe90a9e9c0dc3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b0ed7256ad6c2f44037d68adcbc5139635d49f99b4fb4ae97876b3264bf714bf
b16a78964ae12528e5e447937d806dc41ce155fbaff4f77cf5a11fcf941a7c3e
b27bf8d902f81d740b7a03b8c6b6912ed1ed07260e9dc5664a0f1f1aef82f3d8
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b30ed5fcf3bb68fb5fb8157929bcf82d3ea9df29bff4d983e76a9468ee3a1640
b311eaf0a3044651d0a0b86908790f9b090b7a25d82c384eaa90e5b12b12e91e
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b872973d37fb399644413211d58d0aef96f76e5f7b29d36f643055fcbf251953
b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c297fc6b646ba245dda790aa12134d618e1cb2802ec13f9bbb1f1ac94a9a2cd6
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6023a1e947bd55c70c83fd92774ed45c0eccbd580f0899e3c0ac6bcab28e5f9
c63c45fbf5be557da8f5f8639546cd05a0315d4f030f327373676c7288ab7593
c8152ef8b4cfe7866d981f965db2ac14271523b9563b93521350185e9b1dc0c8
c97d9cbf4dfbc061188016f630c62cc7f93e89c3e275561e244b94fcbe5bc17c
cbb5349b02742a66e9b83823d63ef9adda4cadaff1924e05679cdb9341afe62f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ceddd46049e798a3208daa8404fb58f9e57c8873bcd65d512930b287dd8d8044
d27c9b772c04136aaa20c82a7af3448ef1b034e66f3d8629024bf2e94057c4f0
d331e00dd14b917d5120a6ac7b95977c10535a013f2c10d2c0f5250cda8821b8
d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
e2df980c7914227e335304834f8801fe09cfaaac5ea72b119aba7050bd64f8de
e3a9fde73ab4eed86a484b3ddb02e285cead10a46c95d7915c2ff9a490a711a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f684aad7a251139693f26ce62800fb7a25dfcc28e117458a4c355b4c037613
ea1a9f0adcea63a685834433f175b8646d4074205a011bc0f78b4d46763aef17
ea7495ad729c0a20509d15ef8d5e035c98bfa13661b5274ffa320ecef1c71717
eafe160c631fe12e8295a70b1f984d23fe9a988f47c3768683927c69554e6b0e
ecf3b71e829e2fcdf38156e23d0398e6d9061cf450a63efc29c868683e34614e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3931e1eea6ea15a5b56c00039787d812ea41429a8f0c81ff0cc0a03c9e95823
f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f85c0c31350a1cd2211ee943ec3c3cffb448e2afba73d3875807a85df3093a41
fdbbb2f86aad43b5ecffd6704cea37cd9457cba6d80f70138816708cb4e054f1
ff06fb1a2c0b1ee0a556df35453503834b2f8cf6b79914b6581724403074aa23