urlscan.io logo urlscan.io
SecurityTrails logo

www.rtsak.com Open in urlscan Pro
2606:4700:3030::6815:30cc  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Submission: On February 16 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3030::6815:30cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rtsak.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.
This is the only time www.rtsak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3030::6815:30cc (United States)

ASN13335 (CLOUDFLARENET, US)
www.rtsak.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
googleads.g.doubleclick.net
12    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
12    2606:4700:20::ac43:4787 (United States)

ASN13335 (CLOUDFLARENET, US)
rtsak.robtex.com
rtsak2.robtex.com
rtsak5.robtex.com
rtsak6.robtex.com
rtsak7.robtex.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-16089196481049979349.ampproject.net
3    2606:4700:20::681a:feb (United States)

ASN13335 (CLOUDFLARENET, US)
www.threatminer.org
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-amp-error-reporting.cloudfunctions.net
Domain Requested by
12 cdn.ampproject.org www.rtsak.com
cdn.ampproject.org
6 rtsak2.robtex.com rtsak.robtex.com
3 www.threatminer.org rtsak.robtex.com
2 rtsak6.robtex.com rtsak.robtex.com
2 rtsak5.robtex.com rtsak.robtex.com
1 us-central1-amp-error-reporting.cloudfunctions.net cdn.ampproject.org
1 rtsak7.robtex.com rtsak.robtex.com
1 googleads.g.doubleclick.net cdn.ampproject.org
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.google-analytics.com 1 redirects
1 d-16089196481049979349.ampproject.net cdn.ampproject.org
1 adservice.google.com cdn.ampproject.org
1 rtsak.robtex.com cdn.ampproject.org
1 pagead2.googlesyndication.com
1 www.rtsak.com
34 17

This site contains links to these domains. Also see Links.

Domain
www.robtex.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-14 -
2021-08-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
robtex.com
Cloudflare Inc ECC CA-3		 2021-02-04 -
2022-02-03		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
misc.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Frame ID: 800C106E153F399A911C55318654547D
Requests: 22 HTTP requests in this frame

Frame: https://rtsak.robtex.com/iframe-0790.html
Frame ID: 7D81EF3ADC86637629B5C9B1CCB071FD
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?adsid=NT&client=ca-pub-4135738839534654&format=1200x280&w=1200&h=280&ptt=12&iu=1210062246&adk=2672711228&output=html&bc=7&pv=2&wgl=1&asnt=0-3190357708721445851&dff=%22Trebuchet%20MS%22%2C%20Arial%2C%20Helvetica%2C%20sans-serif&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=1&pfx=0&adf=3830571579&nhd=0&eid=368226510&adx=200&ady=152&oid=2&is_amp=5&amp_v=2101300534005&d_imp=1&c=49001984&ga_cid=amp-hyaKX-cRL4wiKt9EOqwOlw&ga_hid=1984&dt=1613472666222&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.rtsak.com%2Fdns-lookup%2Fmercury.ts.checkpoint.com&bdt=261&dtd=57&__amp_source_origin=https%3A%2F%2Fwww.rtsak.com
Frame ID: 71EC36D6259FCF0E7266954181D2B813
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

34
Requests

100 %
HTTPS

100 %
IPv6

11
Domains

17
Subdomains

9
IPs

3
Countries

346 kB
Transfer

1129 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Mercury.ts.checkpoint.com%20has%20one%20IP%20number.%20The%20IP%20number%20is%20216.2...&sr=1600x1200&_utmht=1613472666550&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&tid=UA-29491637-23&dl=https%3A%2F%2Fwww.rtsak.com%2Fdns-lookup%2Fmercury.ts.checkpoint.com&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.026946366414881018&_r=1&a=1984&z=0.9106387536285157 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157&slf_rd=1&random=1244882401

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mercury.ts.checkpoint.com
www.rtsak.com/dns-lookup/ 		39 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:30cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a0163d540a0872f8754089ea8456003870c856c95426005b3175488289aa09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.rtsak.com
:scheme
https
:path
/dns-lookup/mercury.ts.checkpoint.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:05 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d9022db2f130b2ccd799e910d99c70ecb1613472665; expires=Thu, 18-Mar-21 10:51:05 GMT; path=/; domain=.rtsak.com; HttpOnly; SameSite=Lax; Secure
link
<https://rtsak.robtex.com/iframe-0790.html>; rel=preload; as=document,<https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js>; rel=preload; as=script
cache-control
s-maxage=1, max-age=1, must-revalidate, proxy-revalidate
content-language
en-US
vary
Cookie
last-modified
Tue, 16 Feb 2021 10:51:05 GMT
expires
Tue, 16 Feb 2021 10:51:06 GMT
access-control-allow-origin
*
x-rt-time
0.123125737 0.122831179
cf-cache-status
DYNAMIC
cf-request-id
084c1028b90000dffb5712a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8TxOJdix6cRZTXhNtPScjWHuID4zu2bjmrmKLH0lVM9Q9BU3V59P7Ayn2XkJ0jiLW7fci3lOE5n%2FL0HhEnXgS8oGK0lv3yvLnmk%2BryucxF7umOL5S%2BnDYotC"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6226b6212d95dffb-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b2a184ba2cf788cea7c9b86ad7e2ac6851abf21618de6e7309973854bd27cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
48452
x-xss-protection
0
server
cafe
etag
695485552098464747
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:05 GMT
v0.js
cdn.ampproject.org/ 		264 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.rtsak.com
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bf97f16f3a4db0ac5490c17a81a4b3fdc5b2c740f51a398dfef4507bcf6a6f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70819
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 10:51:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"dd4b30a143a10580"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:05 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.rtsak.com
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce3c55f7e58806365fc61b525f4a2c2a0a1c55460ec330518e253fe14a20bdff
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20256
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 10:51:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"588bd6cf66a47d65"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:06 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.rtsak.com
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e36228c2951aaed2c9aa0327fedeff17007435037b0d02c3a7919cfdb8cc18
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29437
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 10:51:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ebde20d768bd03d4"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:06 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: www.rtsak.com
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a0a32659c96f16858c9891b18e57d121765ba141f23de3e252d588dfb13bc70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8621
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 10:51:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"97e409b21f16b727"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:06 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.rtsak.com
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2d28776d2d0d2621a3c26234b4cf10c3599cf3e87d848f81c598119783a1d5e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14369
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 10:51:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"c767d5835ed57636"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:06 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.rtsak.com
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22908da8b4e4678f253e4238fc58cc30d129e45ea0950c13c904f4cf11706b8b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5438
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 10:51:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"3c478d21707b54af"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:06 GMT
amp-user-notification-0.1.js
cdn.ampproject.org/v0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-user-notification-0.1.js
Requested by
Host: www.rtsak.com
URL: https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1055c0ee01ab45a977e9b8bfd8367fa0be8b234fa593263fb1b0a3f2345b6800
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3989
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 10:51:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"63b5041a5b402643"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Feb 2021 10:51:06 GMT
truncated
/ 		198 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
011767c567f29408b1eba21772d1d6d1c8cf6d7416410b46152b89ff90df1285

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		201 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01de2ee261d8007c59a8f3536af7b4a1274526bd370ce468b400eab1888c2638

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012101300534005/v0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101300534005/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693ac63831e820dd4f84115ed9abce82e7561d41604cc7ba801ea49c42f87402
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.rtsak.com
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
491696
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2053
x-xss-protection
0
server
sffe
date
Wed, 10 Feb 2021 18:16:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"be4bf07ac7e32633"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 18:16:10 GMT
truncated
/ 		737 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
635af0203692525e35e867c4e8d671740f8df68ec32ba32f2cc57606d596c91c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		258 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b6baa10284593ef2b3bc98916fa178001eed4e2e45f11f3df5602de0accbe5d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.js
cdn.ampproject.org/rtv/012101300534005/v0/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101300534005/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241b498e8addec6c5b739088b17507dd0bafcef20ecc1267b83466b192772ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.rtsak.com
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
491696
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3748
x-xss-protection
0
server
sffe
date
Wed, 10 Feb 2021 18:16:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4f56a54b4923b6a3"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 18:16:10 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012101300534005/v0/ 		180 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101300534005/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
494c65226c423a4a61b14ba5d6888858e01870e0ace62ae3afde3c7598db1baf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.rtsak.com
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
491683
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49848
x-xss-protection
0
server
sffe
date
Wed, 10 Feb 2021 18:16:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"56a4a425b4e53b01"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 18:16:23 GMT
iframe-0790.html
rtsak.robtex.com/ Frame 7D81 		212 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtsak.robtex.com/iframe-0790.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a2ecabf8c501573c80153d7017d45d780abe07adb8517758cb75a8863b1c2b

Request headers

:method
GET
:authority
rtsak.robtex.com
:scheme
https
:path
/iframe-0790.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d8ba529c0c6df56427eb58daf6da95e371613472666; expires=Thu, 18-Mar-21 10:51:06 GMT; path=/; domain=.robtex.com; HttpOnly; SameSite=Lax; Secure
cache-control
max-age=5
content-language
en-US
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
expires
Tue, 16 Feb 2021 10:51:11 GMT
access-control-allow-origin
*
x-rt-time
0.003795142 0.003394727
cf-cache-status
DYNAMIC
cf-request-id
084c102a9f00002056b034b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R%2BwqlQ17EMgnaoyBNr6pCT8j3HaRDtvWEyq%2B9ocZUZCSlmcl0d3S%2BoBwmH35al582Z5O19JRu2uCC9l6Hi069PjnjQoeTR7o1jlKilmr%2BOAC%2FyypGGMKB95WXRrW"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6226b6242b9a2056-AMS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
amp-ad-verifying-keyset.json
cdn.ampproject.org/ 		419 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-ad-verifying-keyset.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622221d4b92040a92cac29d6aaa27b1602fd92b28997885b56cad5e529e07731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:46:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 May 2017 15:06:13 GMT
server
sffe
age
254
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/jwk-set+json
access-control-allow-origin
*
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
x-xss-protection
0
expires
Tue, 16 Feb 2021 11:36:52 GMT
integrator.json
adservice.google.com/adsid/ 		88 B
828 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.rtsak.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05a714591a87a3666b44e1872d464da51680f8807c6b6196dd837d9a120e2a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.rtsak.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
nameframe.html
d-16089196481049979349.ampproject.net/2101300534005/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-16089196481049979349.ampproject.net/2101300534005/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rtsak.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
h.04.com.checkpoint.ts.mercury.js
rtsak2.robtex.com/js/getf5r/z3/ Frame 7D81 		519 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak2.robtex.com/js/getf5r/z3/h.04.com.checkpoint.ts.mercury.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f4552e0f042f7ae1c0c78009d3b7859a4b744e256f513b8bf839b27a95f7d0c

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.008706318 0.008421303
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102baa00002056f21c3000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mTcZCQUDsB9JV1MWPvPTCFe%2FSjOuxZZrtSkcn5PYPx6jt1enkeIFSNnzf0JD7NPJ37yH12BiNuI6n2qfgNJ5MhzBEJxBCwwaL789Ak5UClRUpSZ%2F8Abr3qp51VtuWQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b625d8cc2056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
domain.php
www.threatminer.org/ Frame 7D81 		71 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/domain.php?q=mercury.ts.checkpoint.com&api=True&rt=3
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68844e61b10737b08f2bc0275a3031e22dc71b7c4c270255a2c2139c08bcf38d

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mq7bvgaQvlIf3KjhE49DTYq6heJumeMAyjctOXjsm3L2KXyGlPnZEfMjgQhx9NMvznpICuWTy6%2BAU%2Fbh%2BPQx%2FRybJgqEWgh9YybMRTxTodmizCyD93MOKvexF%2BmDumYg"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
6226b6260a3dfa40-AMS
cf-request-id
084c102bc10000fa402e097000000001
domain.php
www.threatminer.org/ Frame 7D81 		71 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/domain.php?q=mercury.ts.checkpoint.com&api=True&rt=6
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68844e61b10737b08f2bc0275a3031e22dc71b7c4c270255a2c2139c08bcf38d

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7JFt1s6nMV%2B%2FTzkvFJKfRiPmBL9e6a24Ij%2FPURKLO%2FdJHTZSIpJm2u1WRE4aewKLB6d1d%2F4eLhEWEUzVEUcpuLB1MqZyKUPuLt961qcbojtXs2bO91FXiP%2Bm6Jeg5gv5"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
6226b6260a3ffa40-AMS
cf-request-id
084c102bc10000fa40fd983000000001
domain.php
www.threatminer.org/ Frame 7D81 		71 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/domain.php?q=mercury.ts.checkpoint.com&api=True&rt=1
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68844e61b10737b08f2bc0275a3031e22dc71b7c4c270255a2c2139c08bcf38d

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9RVwPiLYV99HNiX2VEC3v3hfs91i5hbrXjoY3sWH1Pi3PU1dqUrCDuJb7njCvMqGn4wZa6mXLRgQU%2Bi93HDkelgQz%2BSKlo0TUnpraZdmtf4RXeI1EhtqCvcCZcraj8Jg"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
6226b6260a45fa40-AMS
cf-request-id
084c102bc30000fa4014171000000001
h.02.com.checkpoint.js
rtsak5.robtex.com/js/getf5r/z3/ Frame 7D81 		1014 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak5.robtex.com/js/getf5r/z3/h.02.com.checkpoint.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ac4d722812ae2c903479495f876eb809987c4af76e8341614936606dbc9114

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.005733881 0.005308178
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102bac000020564b25a000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MKzEQAyYDpRj0Acca%2BnkY4aYrEP3Rr7Ulq7TaUzj8VuPMe6A8oWeCCrzYJruh7gL921XhJ2HqDcac0lZ0rsvMLdAmhZh70qLMQ%2F8eZIBycFX7iQt2tCiPsl4aRWVXw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b625e8e82056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
1055616234.js
rtsak6.robtex.com/js/getr6/z3/u.03.com.checkpoint.ts/ Frame 7D81 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak6.robtex.com/js/getr6/z3/u.03.com.checkpoint.ts/1055616234.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2b37b1e2e603544dc5c353391c29673a403e400621afffa97256a2263c657c

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.011605964 0.011353202
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102ba40000205625131000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GW6QlYFGzLNStz2BxSrNsHaaKJG2NfNjd%2BSo%2Fn0Mhs18cVkxMOBfhLwV5AqoJp90HQ7FIDF8s9XG7U9wVdLevyGIxDWoZt0Z2FfviNQvfJUqxC9g9%2BjpASOKSPpK%2Bw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b625c8af2056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
1055616234.js
rtsak6.robtex.com/js/getr6/z3/v.03.com.checkpoint.ts/ Frame 7D81 		2 KB
975 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak6.robtex.com/js/getr6/z3/v.03.com.checkpoint.ts/1055616234.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e61cc901857ecd3154edc2cc35998aba50b8a5196f3b43dde6ef3c23f6b019b

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.005864842 0.005359951
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102ba200002056ae81c000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x7OkssQ0NC1ZmjVv1zLWGc0LWn%2BABlS9IHxmB3yQ3q7mgU%2ByjqrQ7SyTF85KUAy5vNLy5zZFgU3U3XW1rXZB7nA8Fv6bXxqUVeWGrVVx9ehA4RzhrMXjnPkgTwznJg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b625c8a92056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
1055616234.js
rtsak2.robtex.com/js/getr6/z3/u.04.com.checkpoint.ts.mercury/ Frame 7D81 		179 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak2.robtex.com/js/getr6/z3/u.04.com.checkpoint.ts.mercury/1055616234.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f2288269dedb6d7083d09862a90694644c3e2f550567bda120f032a1e34bca

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.008543648 0.008266084
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102baa000020565986c000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=09ZG4NPurza%2BoXg4SHTT%2Bf1ReM4USUCGBfQqyNtWafFso3PBuJhPN9uAH4jY1qufAtaAF7KKYGm0E3s1WTYZquE6ufwBC%2BzfqEwnsAZrEMDlaituxze9CWysQX3flA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b625d8d32056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
1055616234.js
rtsak2.robtex.com/js/getr6/z3/v.04.com.checkpoint.ts.mercury/ Frame 7D81 		179 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak2.robtex.com/js/getr6/z3/v.04.com.checkpoint.ts.mercury/1055616234.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ae7a2b6e32c264c23cc12c4bdacc4e4d1eb201f76a5ba2df135b2a1935ce48

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.005643851 0.005359379
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102bab00002056b0bf3000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FKNhIgzr%2F%2BGNJqozzpZeFBMEjFasdMLwXuqupgfPlWtd79pD8eCNuGHgb0F45SEE%2BhHoLDhagw8TVqW149tIQgejYNgerfvEGYJTrLd0NsFrwhoFuyWkcqsmEVDvaw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b625d8dc2056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
1055616234.js
rtsak2.robtex.com/js/getr6/z3/h.04.com.checkpoint.ts.mercury/ Frame 7D81 		513 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak2.robtex.com/js/getr6/z3/h.04.com.checkpoint.ts.mercury/1055616234.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960a5ebecda4f1552a7e96d5ab1f4cef5d0458047275ad98acfcedd2259f4071

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.073984948 0.073701308
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102bab00002056c80cf000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F32Hkpr3ccUFmI9rYvoIs3tPLVTs6Vr8g1MKEhPuFI%2FkL%2FF4RT0Y0dI94LrwnzjLbrXzQS7Wp536g9jAachffcMy%2BQeXJr8jmNk9VJ007rdWwnvWyvpwLZUwBzOyjA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b625d8d92056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
truncated
/ Frame 7D81 		198 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
011767c567f29408b1eba21772d1d6d1c8cf6d7416410b46152b89ff90df1285

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7D81 		201 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01de2ee261d8007c59a8f3536af7b4a1274526bd370ce468b400eab1888c2638

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
googleanalytics.json
cdn.ampproject.org/rtv/012101300534005/v0/analytics-vendors/ 		2 KB
889 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101300534005/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f53945eda017435c600f05df250c86a4788653b8e2e4c17aa7d647b4ce35bdd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
491693
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
778
x-xss-protection
0
server
sffe
date
Wed, 10 Feb 2021 18:16:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c8fcc3d16d6d9d41"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 18:16:13 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Mercury.ts.checkpoint.com%20has%20one%20IP%20number.%20The%20IP%20number%20is%20216.2...&sr=1600x1200&_utmht=1613472666550&ci...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157&slf_rd=1&random=1244882401
42 B
505 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157&slf_rd=1&random=1244882401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 10:51:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Feb 2021 10:51:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29491637-23&cid=amp-hyaKX-cRL4wiKt9EOqwOlw&jid=0.026946366414881018&_v=a1&z=0.9106387536285157&slf_rd=1&random=1244882401
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 71EC 		603 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?adsid=NT&client=ca-pub-4135738839534654&format=1200x280&w=1200&h=280&ptt=12&iu=1210062246&adk=2672711228&output=html&bc=7&pv=2&wgl=1&asnt=0-3190357708721445851&dff=%22Trebuchet%20MS%22%2C%20Arial%2C%20Helvetica%2C%20sans-serif&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=1&pfx=0&adf=3830571579&nhd=0&eid=368226510&adx=200&ady=152&oid=2&is_amp=5&amp_v=2101300534005&d_imp=1&c=49001984&ga_cid=amp-hyaKX-cRL4wiKt9EOqwOlw&ga_hid=1984&dt=1613472666222&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.rtsak.com%2Fdns-lookup%2Fmercury.ts.checkpoint.com&bdt=261&dtd=57&__amp_source_origin=https%3A%2F%2Fwww.rtsak.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?adsid=NT&client=ca-pub-4135738839534654&format=1200x280&w=1200&h=280&ptt=12&iu=1210062246&adk=2672711228&output=html&bc=7&pv=2&wgl=1&asnt=0-3190357708721445851&dff=%22Trebuchet%20MS%22%2C%20Arial%2C%20Helvetica%2C%20sans-serif&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=1&pfx=0&adf=3830571579&nhd=0&eid=368226510&adx=200&ady=152&oid=2&is_amp=5&amp_v=2101300534005&d_imp=1&c=49001984&ga_cid=amp-hyaKX-cRL4wiKt9EOqwOlw&ga_hid=1984&dt=1613472666222&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.rtsak.com%2Fdns-lookup%2Fmercury.ts.checkpoint.com&bdt=261&dtd=57&__amp_source_origin=https%3A%2F%2Fwww.rtsak.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Feb 2021 10:51:06 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 16-Feb-2021 11:06:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Feb 2021 10:51:06 GMT
cache-control
private
n.d8e49416.js
rtsak2.robtex.com/js/getf5r/z3/ Frame 7D81 		149 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak2.robtex.com/js/getf5r/z3/n.d8e49416.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e19e681564228f397b2e474efaaf9ac443de7025613c4e27b4f45049672e41

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.002699321 0.002415728
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102c1f00002056b38c7000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7af7dPqqjUKxv7uWgAhpUrzfWLlzlp1wUirBVwfQtMc2LYs3C1Mu%2F379jvVPByGRVtTDngZrkAiFtdcF5rq9ll94boE6tx8YmMwETIqilC6sKe3etmGRMquTpVXMAg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b6269b542056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
1055616234.js
rtsak7.robtex.com/js/getr6/z3/n.d8e49416/ Frame 7D81 		624 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak7.robtex.com/js/getr6/z3/n.d8e49416/1055616234.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49dcc8ce7f9323ced5ad5efffb79471fd80dba7ce097510b6b20f9fb40b6f65b

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.011081156 0.010761254
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102c480000205645a3e000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W3aMyvoNQVXh1HRDMzuhnJ2Lo6MgO6SnByT4u4RFAOo1m8vUBo2lfYjr2H3ge5gHcZVlgcIW1CCx7TV9w%2BcelxOHqRgiGnvpvvanZBs4DlP2hpu7MaDlJ1TLhbTFeQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b626cbf32056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
n.d8e49416.js
rtsak2.robtex.com/js/getipinfo/z4/ Frame 7D81 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak2.robtex.com/js/getipinfo/z4/n.d8e49416.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cea3d1194ce5d3b1153cbb960fe0b1194916400ad669bf8b10df535cad2baff

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-rt-time
0.005655846 0.005357708
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102c2000002056ba14d000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9DRUX6dc3Xkrwh4dAdHxT2Rf6UqIIYc%2BYKSkDOfS%2FCmfxzNneS7auuuBzbBPO6uizKbIP2rXYEiYChtKvIJr4kWlsr4bp%2BeE%2FKebXAsIeWt3KqU1p9jhgjIyZzN4Xg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b6269b582056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
h.02.com.checkpoint.js
rtsak5.robtex.com/js/getf5r/z3/ Frame 7D81 		1014 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsak5.robtex.com/js/getf5r/z3/h.02.com.checkpoint.js
Requested by
Host: rtsak.robtex.com
URL: https://rtsak.robtex.com/iframe-0790.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ac4d722812ae2c903479495f876eb809987c4af76e8341614936606dbc9114

Request headers

Referer
https://rtsak.robtex.com/iframe-0790.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 10:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
x-rt-time
0.005733881 0.005308178
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084c102ce300002056b51d6000000001
last-modified
Tue, 16 Feb 2021 10:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OXIsRNRZcWdJv%2FdJfh6Wc2GvouXPa19jWN7xQXXlALn3jsx8fX2zwqFC16kLWESyBUQ2JJ6sSsfM%2FwWzz9xFRCwq6eoWcKBQDH3ePm%2FoYEwVICgt1tgKRv5sDx6pow%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6226b627ceb92056-AMS
expires
Tue, 23 Feb 2021 10:51:06 GMT
r
us-central1-amp-error-reporting.cloudfunctions.net/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-central1-amp-error-reporting.cloudfunctions.net/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Feb 2021 10:51:07 GMT
server
Google Frontend
x-powered-by
Express
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
ee9154eee03d47bafff86dc87fba5688
function-execution-id
ghzljrubuzn4
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| global object| AMP_CONFIG object| AMP object| __AMP_LOG object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES object| __AMP_EXPERIMENT_BRANCHES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| listeningFors object| AMP_FAST_FETCH_SIGNATURE_VERIFIER_ object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla

2 Cookies

Domain/Path Name / Value
.rtsak.com/ Name: _ga
Value: amp-hyaKX-cRL4wiKt9EOqwOlw
.rtsak.com/ Name: __cfduid
Value: d9022db2f130b2ccd799e910d99c70ecb1613472665

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/v0.js(Line 530)
Message:
Powered by AMP ⚡ HTML – Version 2101300534005 https://www.rtsak.com/dns-lookup/mercury.ts.checkpoint.com
console-api warning URL: https://cdn.ampproject.org/v0.js(Line 23)
Message:
[amp-social-share] Skipping obsolete share button gplus

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cdn.ampproject.org
d-16089196481049979349.ampproject.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
rtsak.robtex.com
rtsak2.robtex.com
rtsak5.robtex.com
rtsak6.robtex.com
rtsak7.robtex.com
stats.g.doubleclick.net
us-central1-amp-error-reporting.cloudfunctions.net
www.google-analytics.com
www.google.com
www.google.de
www.rtsak.com
www.threatminer.org
2001:4860:4802:36::36
2606:4700:20::681a:feb
2606:4700:20::ac43:4787
2606:4700:3030::6815:30cc
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:400c:c1b::9b
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
011767c567f29408b1eba21772d1d6d1c8cf6d7416410b46152b89ff90df1285
01de2ee261d8007c59a8f3536af7b4a1274526bd370ce468b400eab1888c2638
05a714591a87a3666b44e1872d464da51680f8807c6b6196dd837d9a120e2a88
1055c0ee01ab45a977e9b8bfd8367fa0be8b234fa593263fb1b0a3f2345b6800
1a0a32659c96f16858c9891b18e57d121765ba141f23de3e252d588dfb13bc70
22908da8b4e4678f253e4238fc58cc30d129e45ea0950c13c904f4cf11706b8b
241b498e8addec6c5b739088b17507dd0bafcef20ecc1267b83466b192772ea3
3b2a184ba2cf788cea7c9b86ad7e2ac6851abf21618de6e7309973854bd27cd0
3b6baa10284593ef2b3bc98916fa178001eed4e2e45f11f3df5602de0accbe5d
494c65226c423a4a61b14ba5d6888858e01870e0ace62ae3afde3c7598db1baf
49dcc8ce7f9323ced5ad5efffb79471fd80dba7ce097510b6b20f9fb40b6f65b
4e61cc901857ecd3154edc2cc35998aba50b8a5196f3b43dde6ef3c23f6b019b
58a2ecabf8c501573c80153d7017d45d780abe07adb8517758cb75a8863b1c2b
5f4552e0f042f7ae1c0c78009d3b7859a4b744e256f513b8bf839b27a95f7d0c
622221d4b92040a92cac29d6aaa27b1602fd92b28997885b56cad5e529e07731
635af0203692525e35e867c4e8d671740f8df68ec32ba32f2cc57606d596c91c
68844e61b10737b08f2bc0275a3031e22dc71b7c4c270255a2c2139c08bcf38d
693ac63831e820dd4f84115ed9abce82e7561d41604cc7ba801ea49c42f87402
6f53945eda017435c600f05df250c86a4788653b8e2e4c17aa7d647b4ce35bdd
83a0163d540a0872f8754089ea8456003870c856c95426005b3175488289aa09
8cea3d1194ce5d3b1153cbb960fe0b1194916400ad669bf8b10df535cad2baff
960a5ebecda4f1552a7e96d5ab1f4cef5d0458047275ad98acfcedd2259f4071
9bf97f16f3a4db0ac5490c17a81a4b3fdc5b2c740f51a398dfef4507bcf6a6f9
ba2b37b1e2e603544dc5c353391c29673a403e400621afffa97256a2263c657c
ce3c55f7e58806365fc61b525f4a2c2a0a1c55460ec330518e253fe14a20bdff
e2e19e681564228f397b2e474efaaf9ac443de7025613c4e27b4f45049672e41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e36228c2951aaed2c9aa0327fedeff17007435037b0d02c3a7919cfdb8cc18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f2288269dedb6d7083d09862a90694644c3e2f550567bda120f032a1e34bca
f2ac4d722812ae2c903479495f876eb809987c4af76e8341614936606dbc9114
f2d28776d2d0d2621a3c26234b4cf10c3599cf3e87d848f81c598119783a1d5e
f9ae7a2b6e32c264c23cc12c4bdacc4e4d1eb201f76a5ba2df135b2a1935ce48